Eyeing  the  enterprise  Juniper  makes  harder  run 

at  corporate  networks;  Lucent  Nortel  rediscover  the  enterprise.  PAGE  12 


Red  Sox  get  IT  relief  Proxy  appliance  gives 

World  Series  champs  breathing  room  on  T-1  lines.  PAGE  13. 
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A  Wider  Net 


Testing 
your 
Zinc 
in  the  data 
center 

If  they're  underfoot, 
you  may  have  a  problem; 
‘It  sounded  like  popcorn.'  _ 


BY  BOB  BROWN 


It’s  been  more  than  a  year  since  Wayne  Harris  and  his  IT 
comrades  at  a  Canadian  healthcare  organization  exorcised 
the  little  demons,  but  the  memories  still  haunt  them. 

“We  spent  an  average  of  40  hours  of  overtime  a  week  bang¬ 
ing  our  heads  against  walls  trying  to  figure  out  what  the  heck 
was  going  wrong  with  our  servers” says  the  manager  of  techni¬ 
cal  services  for  Baycrest  Centre  for  Geriatric  Care.“We  won¬ 
dered  if  we  were  being  sabotaged.” 

See  Whiskers,  page  16 


DAN  VASCONCELLOS 


A  CLOSER  LOOK: 

Service-oriented  architecture 

First  of  two  parts 

Service-oriented  hype 
to  meet  hard  realities 

■  BY  JOHN  FONTANA 


Investing  in  SOA 


A  Yankee  Group  study  of  473  CIOs  shows  that  a  broad 
cross-section  of  industries  will  invest  in  service- 
oriented  architectures. 


77% 


All  CIOs  Manufacturing  Wireless  Financial  Healthcare  Wireline  Government 
telecoms  services  telecoms 


Hype  alone  would  have  IT  exec¬ 
utives  believe  that  in  coming 
years  service-oriented  architec¬ 
tures  will  be  as  standard  within 
companies  as  morning  coffee. 

But  network  professionals  and 
industry  analysts  say  it  won’t  be 
that  easy  because  SOA  is  some¬ 
thing  you  build,  not  buy 
“There  is  no  such  thing  as  SOA; 
it  is  not  a  noun,  it  is  a  verb, ‘service 
orienting’,”  says  James  Kobielus, 
an  analyst  with  Burton  Group. 

And  the  verb  implies  that  work 
needs  to  be  done  to  service  ori¬ 
ent  applications  and  networks. 
Work  to  define  and  execute  an 
overall  strategy,  to  train  develop¬ 
ers,  to  retrofit  existing  applica¬ 
tions,  to  implement  standards,  to 


build  new  layers  of  middleware, 
to  define  new  levels  of  manage¬ 
ment,  to  devise  new  security 
defenses,  and  to  construct  meth¬ 
ods  to  track  it  all. 

It’s  all  needed  because  the  SOA 


concept  is  one  in  which  compo¬ 
nents,  whether  they  are  full  appli¬ 
cations  or  single-function  code 
such  as  a  mortgage  calculator, can 
be  shared,  reused  and  loosely 
See  SOA,  page  69 


Roadblocks  for  shared  IDs: 
Trust,  immature  standards 


■  BY  JOHN  FONTANA 

DENVER  —  Speaking  at  last  week’s  Digital  ID 
World  conference,  American  Express,  Fidelity  In¬ 
vestments,  Boeing,  Fifth  Third  Bank,  Premier  and  a 
host  of  other  companies  shared  their  hopes,  early 
successes  and  concerns  as  they  try  to  integrate 
their  identity  management  services  with  business 
partners  and  customers. 

The  goal  is  the  ability  to  have  users  authenticate 
themselves  to  their  local  network  and  then  be  able 
to  pass  that  authentication  to  partners  for  access  to 
services  or  data  on  the  partner’s  network. 


The  concept,  known  as  federated  identity,  would 
ease  user  management  and  the  associated  costs, 
improve  network  security,  provide  a  means  to  docu¬ 
ment  regulatory  compliance  and  fuel  e-commerce 
and  Web  services  that  _  _  . 

let  partners  share  com-  Microsofts  identity  p!ans. 

puting  resources.  page  8. 

Early  adopters  are  re¬ 
porting  some  of  those  benefits  mainly  in  combina¬ 
tion  with  business  partners  with  whom  they  al¬ 
ready  have  a  relationship. Those  relationships,  they 
say  are  the  place  to  start  because  they  reduce  the 

See  Federated,  page  8 


The  new  stud  on  the  server  farm. 
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Presenting  the  new  Xserve  G5,  a  wickedly  fast, 
extremely  compatible  and  refreshingly  affordable  1U 
server  from  Apple; 

With  dual  2GHz  64-bit  G5  processors,  it  achieves  blazing 
speeds  of  up  to  30  gigaflops.  It's  so  powerful,  in  fact,  that 
the  U.S.  government  is  deploying*  1 ,566  Xserve  G5  servers  to 
create  one  of  the  world's  fastest  supercomputers,  capable  of 
up  to  25  trillion  calculations  per  second. 

And  it  comes  complete  with  Mac  OS  X  Server,  Apple's 
UNIX-based  operating  system  that  provides  a  complete  suite 
of  standards-based  network  services  with  no  per-client  fees. 
So  whether  you  have  Mac,  Windows,  UNIX  or  Linux  clients, 
Xserve  is  ideal  for  cross-platform  file  sharing,  hosting 
dynamic  websites,  streaming  audio  and  video  and  running 
powerful  J2EE  applications  -  right  out  of  the  box. 

Of  course,  its  most  impressive  feature  may  be  its 
price,  starting  at  just  $2,9991  The  new  Xserve  G5. 

0 


TM  and  02004  Apple  Computer,  Inc.  All  rights  reserved.  'Order  purchased  through  COLSA  Corp.  'SRP.  For  more  info,  call  I  -877-41 APPLE  or  visit  wmv.apple.com/xserve. 


PYWARE 


Avoid  the  invisible  threat. 

Shed  light  on  the  dangers  of  spyware  and  save  your  company  from  perilous  security  breaches.  Websense  Enterprise*  is  the  only 
solution  that  lets  you  block  access  to  infected  sites,  disable  malicious  mobile  code,  stop  outbound  spyware  traffic,  and  prevent 
malware  from  being  launched  at  the  desktop,  including  disconnected  laptops. 

For  more  information  and  a  free  white  paper  on  managing  spyware, 
please  visit  www. websense. com/spyware/5. 


'  2004,  Websense  Inc.  All  rights  reserved.  Websense  and  Websense  Enterprise  are  registered  trademarks  of  Websense,  Inc.  in  the  United 
States  and  certain  international  markets.  Websense  has  numerous  other  unregistered  trademarks  in  the  United  States  and  internationally. 
All  other  trademarks  are  the  property  of  their  respective  owners. 
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Security  Summit  on 
Digital  Strategies: 

Gan  security  be  a  competitive  advantage? 
Are  security  and  privacy  at  odds  with 
speed  and  collaboration?  These  are  some 
of  the  pressing  questions  that  23  CIOs  and 
leading  academics  addressed  during  a 
recent  summit  meeting  on  security  at 
Dartmouth  College.  Page  54. 
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Policy  management 

Configuresoft's  Enterprise  Configuration 
Manager  gets  high  marks  as  a  compli¬ 
ance  management  tool.  Page  46. 


E-mail  at  a  crossroads: 

Spam,  phishing  and  other  abuses  are  threat¬ 
ening  to  undermine  confidence  in  the  Internet. 
What  will  it  take  to  solve  the  crisis  before  it's 
too  late?  Page  48. 
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j  Exclusive 

Network  World  Fusion  Radio:  Conferencing 
and  collaboration 

Conferencing  and  collaboration  have  come  a  long  way,  but  the  technol¬ 
ogy  has  miles  to  go  before  it  becomes  truly  useful.  John  Seely  Brown, 
a  visiting  scholar  at  the  Annenberg  Center  at  USC  and  former  chief 
scientist  at  Xerox  Parc,  discusses  what's  good  and  bad  about  current 
conferencing  and  collaboration  technologies. 

DocFinder:  4450 


Power  People 

Want  to  exercise  some  personal  power?  Tell  us  which  industry  players 
you  feel  qualify  for  our  annual  “50  most  powerful  people  in  the 
network  industry"  list.  DocFinder:  4034 


Case  studies 

Learn  best  practices  from  your  peers  to  make  the  most  of 
technology,  save  money  and  streamline  your  business. 

DocFinder:  4235 


RSS  feeds 

Keep  up  with  Network  World  Fusion's  breaking  news,  columnists, 
reviews  and  in-depth  feature  stories  in  a  desktop  aggregator  —  or 
offer  headlines  to  your  Web  site's  visitors. 

DocFinder:  4236 

Breaking  News 

Go  online  for  breaking  news  every  day.  DocFinder:  6342 

Free  e-mail  newsletters 

Sign  up  for  any  of  more  than  40  newsletters  on  key  network  topics. 

DocFinder:  6343 
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Columnists 

The  Wireless  Wizards 

What  happens  when  everyone  has  a  WLAN? 

The  Wizards  answer  a  reader  who  asks:  "Will  interference  limit 
the  value  of  wireless  LANs  in  the  future?  What  happens  when 
every  company,  resident  and  such  has  a  wireless  LAN?" 

DocFinder:  4451 

Nutter’s  Help  Desk 

Windows  vs.  Linux 

Help  Desk  Ron  Nutter  answers  a  reader  who  writes:  “As  we 
look  to  add  additional  servers  to  our  network,  the  discussion  is 
whether  to  use  Windows  or  Linux.  How  should  we  fairly  evaluate 
our  options?" 

DocFinder:  4452 

Telework  Beat 

Census  counts  home  workers 

Nct.Worker  Managing  Editor  Toni  Kistner  say  the  new  "Working 
at  Home:  2000"  report  shows  we  haven't  come  all  that  far 
when  it  comes  to  the  diversity  of  the  telework  population. 

DocFinder:  4453 

Seminars  and  Events 


Weekly  Webcast  Newsletter 

Our  weekly  newsletter  delivers  information  on  Webcasts  on 
Network  World  Fusion  —  your  24/7  source  for  solutions 
and  strategies,  with  links,  resources  and  answers  you  need, 
Covering  topics  such  as  security,  applications  and  wireless, 
our  Webcasts  are  focused,  single-topic  briefings  from  tech¬ 
nology  experts.  DocFinder:  2542 


What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 
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U.K.  report  boosts  desktop  Linux 

■  Open  source  software  proponents  received  a  potential  boost 
from  the  U.K.  government  last  week  with  a  release  of  a  report  cit¬ 
ing  the  well-documented  advantages  on  the  server  side,  and  also 
growing  maturity  on  the  desktop  front.  The  assessments  were 
made  by  the  U.K.  government’s  central  procurement  agency  the 
Office  of  Government  Commerce,  in  summarizing  its  trials  of  open 
source  software  use  in  the  public  sector. The  OGC  cited  progress  in 
desktop  products, such  as  OpenOffice  or  Sun’s  StarOffice,  for  “trans¬ 
actional  workers”  who  handle  routine  duties,  but  not  for  “knowl¬ 
edge”  or  “power  users”  who  require  more  advanced  capabilities. 
However,  85%  to  90%  of  the  desktop  users  at  government  trial  sites 
were  transactional  users  who  could  perform  their  jobs  with  basic 
word  processing,  e-mail  and  spreadsheet  tools,  the  report  said.  In 
addition  to  its  maturing  functionality  open  source  software  has 
related  benefits  in  terms  of  hardware  because  it  requires  less 
memory  and  a  slower  processor  speed  for  the  same  functionality 
that  proprietary  applications  offer,  the  OGC  report  said. 

Vendors  push  Trusted  Mobile  Platform 

■  With  an  eye  toward  making  mobile  devices  and  the  commerce  services  that  run  over 
them  more  secure,  NTT  DoCoMo,  Intel  and  IBM  last  week  published  a  jointly  developed 
security  specification  called  the  Trusted  Mobile  Platform.lt  aims  to  provide  an  end-to-end 
security  architecture  for  mobile  wireless  devices,  including  hardware  and  software  com¬ 
ponents  and  technology  protocols,  the  companies  said.  It  also  incorporates  security  tech¬ 
nologies  and  controls  such  as  tamper-resistant  modules,  domain  separation  and  autho¬ 
rization  and  management  protocols,  the  group  said. Trusted  Mobile  Platform  is  designed 
to  protect  against  viruses  and  other  security  threats,  and  let  phones  be  used  for  more 
advanced  applications  such  as  “e-tickets”  and  “e-wallets”  that  could  be  used  to  pay  for 
goods  in  stores  and  online.  It  includes  a  protocol  to  show  that  a  device  is  a  trusted  mem¬ 
ber  of  a  network  and  can  be  safely  connected  to  other  devices,  the  companies  said. 

'Wiki'  start-up  generating  early  buzz 

B  A  Silicon  Valley  start-up  aiming  to  catapult  wikis  into  the 
mainstream  and  transform  the  editable  Web  sites  into  an 


“Boy,  is  this  SIMS  Real 
World  game  cool!” 


Even  cooler  is  Mike  Sandvik  of  Coon 
Rapids,  Minn.,  who  wrote  the  above 
and  is  the  winner  of  the  latest 
Weekly  Caption  Contest.  Wanna  be 
like  Mike?  Check  back  every 
Monday  for  the  start  of  the  next 
round,  www.nwfusion.com, 
DocFinder:  4242. 
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<@>  Time  to  hit  up  the  boss.  Overall  CEO  confidence  has  been  sliding 
over  the  past  few  months,  but  a  Chief  Executive  magazine  survey  of  500  U.8.  CEOs 
shows  real  interest  in  increasing  tech  spending  in  the  near  future.  More  than  70% 
of  CEOs  surveyed  said  they  intend  to  boost  tech  spending  in  the  next  year,  while 
25%  expect  to  increase  spending  by  more  than  10%  of  their  current  budget.  The 
top  three  areas  for  CEOs  to  add  additional  resources  are  hardware,  security  and 
software  integration. 


Beware  this  patch.  Security  experts  are  warning  of  a  phishing  scam 
that  targets  Red  Hat  Linux  users  with  a  “patch”  that  is  actually  a  Trojan  horse.  The 
faked  message  looks  like  it  comes  from  the  Red  Hat  Security  Team  and  warns  of 
a  vulnerability  in  the  operating  system's  "Is”  and  "mkdir"  commands,  according  to 
an  advisory  from  K-Otik,  a  security  consultancy.  The  downloaded  file  creates  a 
bogus  user  account  that  an  attacker  can  use  to  access  the  system. 

Spammers  on  trial.  The  first  felony  case  for  alleged  spammers  in 
the  U.S.  went  to  trial  last  week  in  Virginia.  The  three  defendants  have  been  charged 
with  sending  AOL  customers  millions  of  unwelcome  e-mail  messages  regarding  penny 
stocks  and  assorted  gimmicks.  They  each  face  up  to  15  years  in  jail  if  convicted 
on  all  three  counts.  Y 


VOU'VE  GOT 
JAIL 


application  development  platform  has  attracted  a  flood  of  interest  for  its  product  beta. 
Nearly  3,000  companies, small  and  large,  have  signed  up  for  free  beta  test  accounts  with 
JotSpot,  the  company  says.  Wiki  is  a  term  derived  from  the  Hawaiian  word  for  “quick” 
and  describes  Web  sites  that  can  be  accessed  and  changed  using  a  simple  browser- 
based  user  interface.  Especially  popular  among  tech-sawy  people,  probably  the  most 
visible  wiki  is  Wikipedia,  an  online  encyclopedia  created  by  thousands  of  people. 
JotSpot  seeks  to  make  wikis  more  accessible  by  adding  a  “what  you  see  is  what  you  get” 
editor  that  even  novice  users  should  be  able  to  handle.  And  to  make  wikis  more  useful 
as  a  collaboration  tool,  JotSpot  gives  each  wiki  page  that  it  hosts  an  e-mail  address, 
which  lets  users  add  an  archive  of  e-mail  messages  to  pages. 

Competition  underway  to  run  .net 

■  The  Internet  Corporation  for  Assigned  Names  and  Numbers  was  expected  to  kick  off 
a  competition  to  operate  the  .net  registry  last  Friday  with  its  release  of  a  draft  request  for 
proposals.  Confirmation  was  unavailable  at  press  time.  The  domain  name  industry 
expects  a  final  RFP  to  be  issued  in  mid-November,  with  bids  due  in  early  January  The 
high-profile  contract  is  scheduled  for  award  next  spring,  and  a  June  cut-over  date  is 
anticipated.  The  competition  is  expected  to  pit  incumbent  VeriSign  against  upstarts 
Afilias  and  NeuLevel.  Afilias  operates  the  .info  registry  and  provides  back-end  registry 
services  for  .org  and  eight  country  code  top-level  domains.  NeuLevel  operates  the  .biz 
and  .us  registries.  The  competition  will  be  fierce  because  .net  is  a  critical  piece  of  the 
Internet  infrastructure. Only  4.9  million  .net  names  have  been  registered, compared  with 
nearly  30  million  .com  names.  However,  .net  names  are  often  used  for  the  name  servers 
and  e-mail  services  that  underpin  major  e-commerce  sites  and  corporate  VPNs. 


YOUR  COMPANY’S  FIREWALL 


Introducing  DuPont™  certified  limited  combustible  cable.  In  the  event  of  a  fire,  securing  your 
business’  uptime  is  crucial.  The  data  communications  cable  you  choose  could  play  a  key  role  in  protecting 
your  network  technology  investment.  DuPont ™  certified  cable  produces  20  times  less  smoke  than  other 
plenum  rated  cables.  And  less  smoke  means  less  costly  downtime,  making  it  the  most  advanced  fire 
safety  cable  technology  available  today.  To  learn  more  about  DuPont' M  certified  limited  combustible  cable 
or  to  request  a  free  CD,  log  on  to  teflon.com/cablingmaterials  or  call  1-800-207-0756. 
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Slicrosoft  readying  simpler  ID  mgmt 


■  BY  JOHN  FONTANA 

DENVER  —  Microsoft  is  devel¬ 
oping  a  portal-like  interface  for  its 
identity  management  platform 
that  will  let  users  self-manage 
their  identity  information  and 
provision  network  services. 

The  features  are  part  of  Gemini, 
the  code  name  for  the  next  ver¬ 
sion  of  Microsoft  Identity  Integra¬ 
tion  Server  (M1IS).  Microsoft  offi¬ 
cials  offered  the  first  peek  at 
Gemini  at  last  week’s  Digital  ID 
World  conference.  Microsoft  said 


Federated 

continued  from  page  1 

trust  and  legal  issues  inherent  in 
sharing  user  data  and  exposing 
corporate  systems. 

Both  those  issues  are  major 
sticking  points  to  adoption  of 
federation.  Users  are  concerned 
not  only  about  liabilities  in  han¬ 
dling  sensitive  and  often  private 
data, but  how  partners  will  use  or 
share  that  information  with  oth¬ 
ers  through  federation,  which 
could  expose  otherwise  confi¬ 
dential  data. 

“The  challenge  in  federation  is 
the  trust  model, ’’says  Mike  Beach, 
associate  technical  fellow  in  the 
shared  services  group  at  Boeing. 
“How  do  we  not  jeopardize  secu¬ 
rity  and  not  anger  customers.” 

Standards  challenge 

Another  challenge  is  standards. 

While  there  is  agreement  that 
identity  management  standards 
must  converge,  there  is  no  indus¬ 
try  agreement  yet  on  one  bench¬ 
mark.  The  Security  Assertion 
Markup  Language  seems  to  have 
garnered  more  acceptance  than 
the  Liberty  Alliance  specifica¬ 
tions,  although  the  two  will  con¬ 
verge  in  SAML  2.0,  which  is  near¬ 
ing  standardization. 

IBM  and  Microsoft  also  are 
developing  a  competing  speci¬ 
fication  called  WS-Federation. 
While  different  in  approach,  both 
SAML  and  WS-Federation  look  to 
standardize  the  way  companies 
share  user  and  machine  identi¬ 
ties  among  disparate  authentica¬ 
tion  and  authorization  systems. 

Beach  says  role-based  access,  in 
which  a  user  is  granted  network 
privileges  based  on  some  defined 
role  such  as  engineer,  is  another 
problem  area. 

“We  do  role-based  access 
today  with  about  400  airlines 
and  each  one  has  its  own  roles. 


Gemini  likely  would  ship  at  the 
same  time  as  Longhorn  server  in 
2007,  but  could  be  released  as 
early  as  2006. 

Microsoft  says  Gemini’s  high¬ 
light  is  self-service  provisioning 
features  that  let  users  maintain 
their  own  identity  information 
and  give  delegation  of  authority 
to  managers,  department  heads 
and  others  to  create  and  delete 
accounts  for  select  user  sets. 

The  intent  is  to  make  it  easier 
and  more  cost-effective  for  cus¬ 
tomers  to  manage  user  identity 


SAML  isn’t  equipped  to  deal  with 
that,”  he  says. 

Fidelity  has  half  a  dozen  com¬ 
panies  and  200,000  people  who 
use  SAML-based  federation  ser¬ 
vices.  Fidelity  also  does  some  fed¬ 
eration  between  its  internal  bene¬ 
fits  site  and  third-party  providers 
and  internal  federation  so  users 
have  access  to  partners. 

“Time  and  effort  put  into  edu¬ 
cation  and  legal  issues  are 
among  our  biggest  gotchas,”  said 
Alex  Popowycz,  vice  president  of 
information  security  at  Fidelity. 
But  he  said  the  technology  solves 
access  issues  and  agreed  with 
other  users  that  federated  identity 
will  be  the  wave  of  the  future. 

“The  technology  is  not  ready 
today,  but  federated  identity  will 
eventually  become  ubiquitous,” 
Beach  said. 

Boeing  last  year  kicked  off  a  fed¬ 
erated  identity  deployment  with 
Southwest  Airlines.“We  are  learn¬ 
ing  that  trust  is  a  real  problem, 
slowing  much  broader  deploy¬ 
ments.  Our  pains  since  deploy- 


and  access  by  pushing  out  those 
responsibilities  to  users  with  a 
vested  interest  in  the  information. 

“This  is  a  self-managing  model 
with  constraints  as  opposed  to  the 
manual  model  of  todajf  says  Kim 
Cameron,  architect  of  directory 
services  for  Microsoft.“For  the  first 
time  we’ll  have  a  separate  provi¬ 
sioning  component  that’s  self-ser¬ 
vice  for  identity  management.” 

MIIS  is  a  system-to-system  inte¬ 
gration  hub  built  on  meta-direct¬ 
ory  technology  that  pushes 
identity  changes  made  in  one 


ment  have  been  monitoring, 
management  and  troubleshoot¬ 
ing.  It’s  hard  enough  to  trou¬ 
bleshoot  issues  within  Boeing, 
now  we  have  other  companies 
involved.” 

Those  types  of  issues  point  to 
the  risks  associated  with  feder¬ 
ated  identity  when  users  start  to 
share  policies,  to  mandate  cer¬ 
tain  levels  of  technical  opera¬ 
tion  and  try  to  audit  and  log  the 
information  that  is  passed  be¬ 
tween  partners. 

“The  next  step  from  identity 
management  to  federated  iden¬ 
tity  is  really  a  huge  leap,”  said 
Mike  Neuenschwander,  an  ana¬ 
lyst  with  Burton  Group,  who  led  a 
Digital  ID  World  panel  of  early 
adopters  in  a  discussion  about 
federated  identity 

“We’ve  had  some  quick  thrills 
but  now  we  want  to  share  such 
things  as  user  attributes  to  sup¬ 
port  personalized  services,  and 
you  create  issues  around  seman¬ 
tics,  privacy  and  trust,”  he  said. 

Users  says  those  issues  might  be 


system  out  to  all  other  systems 
connected  to  the  hub  to  keep 
identity  information  in  sync  or  to 
create  accounts.  For  example,  a 
new  employee  added  to  the 
human  resources  system  could 
trigger  the  account  creation  for 
that  user  in  other  systems  based 
on  a  set  of  pre-defined  rules.  Also, 
an  employee’s  job  status  change 
could  trigger  new  levels  of  privi¬ 
leges  in  current  accounts. 

Cameron  says  users  can  go  as 
far  as  they  want  in  delegating  pro¬ 
visioning  authority  including  pro- 


solved  by  creating  smaller  com¬ 
munities  of  trust,  possibly  by  verti¬ 
cal  industry  which  would  create 
standard  policies  around  sharing 
identities. 

“1  look  at  Covisint  in  the  auto 
industry  where  you  have  a  com¬ 
munity  of  trust,”  said  Bob  West, 
chief  information  security  officer 
for  Fifth  Third  Bank  in  Cin¬ 
cinnati.  Covisint  allows  those  in 
the  auto  industry  to  share  busi¬ 
ness  processes. 

“You  could  create  the  same  sort 
of  identity  hub,”  he  says. 

While  users  are  quickly  identify¬ 
ing  their  concerns,  no  one  seems 
to  be  looking  back. 

“The  centralized  model  [for 
identity]  is  dead.lt  didn’t  scale  in 
the  ’90s  and  it  doesn’t  scale 
now’says  Michael  Barrett,  vice 
president  of  Internet  technology 
strategy  for  American  Express 
and  the  president  of  the  Liberty 
Alliance.  ■ 
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visioning  group  memberships 
within  Active  Directory  “We  have 
finally  finished  the  wiring  [of  the 
identity  platform],  and  now  we 
can  do  more  stuff  on  top  that  is 
valuable,”  he  said. 

Self-service  delegation  and  ad¬ 
ministration,  along  with  Web- 
based  access  controls,  have  been 
the  most  glaring  gaps  in  Micro¬ 
soft’s  identity  management  strat¬ 
egy  experts  say  Microsoft,  along 
with  HR  IBM,  Novell,  Oracle  and 
Sun  are  building  comprehensive 
identity-management  platforms 
with  an  eye  on  Web  services  and 
standards-based  interoperability 

“A  lot  of  people  want  to  do  self- 
service  and  provisioning  but  it 
takes  a  lot  of  work  and  cus¬ 
tomization  to  get  the  needed 
workflow  and  approval  rout¬ 
ing,”  says  Jamie  Lewis,  president 
of  Burton  Group. 

“It’s  good  what  Microsoft  is 
doing  but  the  question  is  to  what 
degree  can  it  pre-package  that 
and  make  it  function  without  a 
lot  of  customization,”  he  adds. 

Lewis  says  Microsoft  also  will 
need  to  increase  the  number  of 
connectors  in  MIIS  to  non- 
Windows  systems. 

MIIS  shops  today  must  write 
scripts  to  delegate  any  level  of 
provisioning  authority  to  users. 
In  Gemini,  users  will  have  a  per¬ 
sonalized  point-and-click  portal¬ 
like  interface  that  gives  privileges 
that  reflect  their  role  and  author¬ 
ity  level  within  an  organization. 
The  feature  will  be  linked  with 
the  Authorization  Manager  fea¬ 
tures  in  Windows  Server  2003 
and  with  an  audit/reporting 
module  in  Gemini  based  on 
another  technology  Microsoft  is 
developing  called  the  Audit 
Collection  System,  which  is  used 
to  track  changes  made  to  user 
identities  and  access  rights. 

MIIS  is  one  component  of 
Microsoft’s  emerging  identity- 
management  platform  that  also 
includes  Active  Directory  and 
Active  Directory  Application 
Mode  (ADAM).  ADAM  is  based 
on  the  Lightweight  Directory 
Access  Protocol  and  is  an  alter¬ 
native  to  the  standard,  full  install 
of  Active  Directory 

Microsoft  plans  to  release 
Service  Pack  1  of  the  current  ver¬ 
sion  of  MIIS  along  with  Windows 
Server  2003,  code  named  R2,  in 
the  second  half  of  2005.That  MIIS 
release  will  include  more  syn¬ 
chronization  connectors  as  well 
as  upgrades  to  password  manage¬ 
ment  features.  ■ 


Identity  exchange 

In  a  basic  model  to  share  identities  between  companies,  known  as  federated  identity, 
a  user’s  identity  credential  issued  on  his  corporate  network  can  be  used  to  access 
services  on  a  partner’s  network.  The  exchange  of  credentials  is  supported  by  a  number 
of  protocols,  including  the  Security  Assertion  Markup  Language,  the  Liberty  Alliance 
specification  or  WS-Federation. 


O  User  authenticates  to  a  Web-based  application  on  Server  A  within  his  company  seeking  data  that  is  housed  on  a  database  maintained 
by  a  partner. 

©  Server  A  passes  the  users  authentication  credentials  to  Server  B  on  the  partner  network. 

©  Server  B  validates  the  credential  with  Server  A. 

O  Server  B  either  validates  or  rejects  user’s  request  for  access  to  database. 
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Forbes.com _ 

Tests  New  Data  Center 

Spirent  helps  leading  business  site 
ensure  performance 

Michael  Smith  ,  Vice  President  and  COO,  Forbes.com 
“By  helping  us  prevent  downtime,  Avalanche  saves  us  time  and  money.  ” 


If  you  want  up-to-date  business  news,  chances 
are  you’ve  visited  Forbes.com.  The  popular  Web  site 
is  known  not  only  for  its  original,  in-depth  report¬ 
ing  but  also  for  its  comprehensive  lists.  These  lists 
range  from  the  Forbes  2000,  a  ranking  of  the  world’s 
biggest  companies,  to  surveys  of  the  best  business 
schools. 

To  ensure  their  site  meets  visitors’  expectations 
for  performance  and  availability,  Forbes.com  tests 
its  Web  infrastructure  regularly  with  the  Avalanche 
load-testing  appliance  from  Spirent  Communica¬ 
tions.  Testing  with  Avalanche  not  only  helped  the 
company  prepare  for  their  move  to  a  new  data 
center,  but  also  assures  Forbes.com  that  their  Web 
site  is  prepared  to  handle  the  spikes  in  traffic  that 
come  with  the  release  of  its  popular  lists. 

Moving  to  a  New  Data  Center 

Forbes.com  is  one  of  the  most  trusted  informa¬ 
tion  resources  for  international  business  leaders 
and  senior  executives.  The  site  provides  real-time 
business  news,  stock  and  mutual  fund  quotes,  com¬ 
prehensive  company  profiles  and  a  wide  array  of 
interactive  tools,  including  the  famous  Forbes  lists. 

In  late  2003,  the  company  realized  that 
Forbes.com  had  outgrown  its  data  center.  In 
December,  Forbes.com  prepared  to  move  to  a  new 
center  that  could  better  accommodate  its  growth. 


“There  was  absolutely  no 
question  that  we  were  going 
to  stick  with  the  Avalanche !” 


“We’d  been  in  our  existing  site  for  four  years  and 
had  outgrown  it,”  says  Michael  Smith,  vice  president 
and  COO  of  Forbes.com.  “We  were  upgrading  our 
hardware  to  new  Foundry  Networks  core  routers 
and  switches  and  our  software  to  Linux,  so  we  had  a 
chance  to  start  fresh  and  make  sure  the  site  became 
faster  and  more  scalable.  We  want  to  ensure  that 


the  user  experience  is  as  responsive  when  we’re 
experiencing  high  traffic  on  an  atypical  list  release 
day  as  it  is  on  a  regular  business  day.” 

To  ensure  the  cutover  would  be  successful, 
Forbes.com  decided  to  test  the  stability  and  availabil¬ 
ity  of  its  new  Web  infrastructure  with  the  Avalanche 
2500  load-testing  appliance  from  Spirent  -  a  prod¬ 
uct  the  company  had  used  to  test  its  Web  site  since 
2001.  “There  was  absolutely  no  question  that  we 
were  going  to  stick  with  the  Avalanche,”  Smith  says. 

As  one  of  the  top  business  sites  on  the  Web, 
Forbes.com  gets  a  high  volume  of  traffic  on  a  daily 
basis.  However,  that  traffic  level  spikes  on  the  days 
that  the  site  releases  its  lists.  In  addition,  Forbes.com 
adds  new  functionality  every  week  to  the  150-plus 
applications  that  run  the  site.  The  company  can’t 
afford  for  its  site  to  be  down,  because  visitors  will 
simply  click  over  to  a  competitor’s  site. 

“It’s  critically  important  that  we  constantly 
test  the  site  to  ensure  that  it  has  the  scalability  to 
handle  both  surges  in  traffic  and  the  addition  of 
new  software,”  Smith  says.  “We  need  a  tool  that 
can  push  traffic  far  beyond  what  we  think  we’ll  get, 
so  we  can  analyze  our  upper  limits  and  anticipate 
where  things  might  break.” 

Optimizing  TCP  Throughput 

During  the  tests  on  Forbes.com’s  new  data  cen¬ 
ter  infrastructure,  the  team  used  the  Avalanche  test 
appliance  from  Spirent  Communications  to  gener¬ 
ate  a  mix  of  users  and  traffic  rates  that  emulated 
the  expected  traffic  on  Forbes.com.  The  test  team 
configured  the  Avalanche  to  simulate  30,000  con¬ 
current  users  and  12,000  to  15,000  hits  per  second 
while  the  site  served  up  more  than  400  Mbps  of 
content. 

Through  Avalanche  testing,  the  team  discovered 
that  throughput  was  below  acceptable  levels,  with 
the  site  serving  only  a  fraction  of  the  required  pages. 
By  testing  with  Avalanche,  they  identified  the  poten¬ 
tial  breaking  point  of  the  new  site. 

The  team  quickly  set  up  tests  to  identify  the  limit¬ 
ing  performance  thresholds  across  several  metrics 
-  bandwidth,  transactions  per  second  and  concur¬ 


Contact  Spirent  at  1-800-927-2660  or  to  download  the 
Forbes.com  case  study ,  go  to: 

iv  zv  iv.  spirentcom.  com/forbes 


rent  users.  Once  the  bottlenecks  were  identified, 
it  was  revealed  that  the  Forbes.com  traffic  mix  had 
been  constrained  by  servers  that  were  accepting  a 
low  rate  of  new  TCP  connections. 

The  servers  in  the  new  data  center  had  been 
tuned  to  create  more  TCP  connections  than 
the  previous  process  could  actually  thread.  By 
re-tuning  the  new  servers  to  deliver  a  higher  level 
of  TCP  throughput,  a  more  robust  user  experience 
was  achieved. 


“We  used  the  Avalanche  to 
test  the  limits  of  the  new  site 
until  we  felt  that  it  was  ready 
to  flip,”  Smith  says.  “When 
we  cut  over,  we  had  every 
confidence  that  it  would  run 
perfectly  —  and  it  did.  ” 


Flawless  Performance 

After  optimizing  the  Web  servers,  Forbes.com 
used  the  Avalanche  to  test  its  application  servers, 
the  performance  of  hardware  devices  such  as  load 
balancers  and  even  the  failover  site.  When  the  day 
came  to  switch  over  to  the  new  site,  Forbes.com  felt 
completely  secure  that  the  new  Web  infrastructure 
could  handle  the  demands  of  real-world  traffic. 

“We  used  the  Avalanche  to  test  the  limits  of  the 
new  site  until  we  felt  that  it  was  ready  to  flip,”  Smith 
says.  “When  we  cut  over,  we  had  every  confidence 
that  it  would  run  perfectly  -  and  it  did.  The  enhanced 
reliability  and  performance  achieved  through 
Avalanche  testing  has  delivered  immeasurable 
value.  By  helping  us  prevent  downtime,  Avalanche 
saves  us  both  time  and  money.” 
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Company  launches  edge  switch  with  copper,  fiber  10G  links. 


■  BY  PHIL  HOCHMUTH 

HP  this  week  is  expected  to 
release  two  wiring  closet  switches 
that  let  users  uplink  with  10G 
Ethernet  via  fiber  or  copper  links. 

The  ProCurve  3400  series 
switches  are  fixed-configuration 
boxes  with  10/1 00/ 1 OOOM  bit/sec 
ports  for  connecting  network 
devices,  and  two  slots  for  single- 
or  multi-mode  fiber  or  CX-4  cop¬ 
per  10G  Ethernet  uplinks.  The 
boxes  could  help  businesses  that 
need  to  connect  large  numbers 
of  fast  computers  to  a  LAN,  or 
aggregate  Gigabit  links  from  mul¬ 
tiple  switches  with  10  Gigabit 
uplinks. 

The  ProCurve  3400cl  24Gb  is  a 
24-port,  10/ 100/1  OOOM  bit/sec 
switch  with  four  auxiliary  ports 
for  Gigabit  copper  or  fiber  in  the 
front, and  slots  in  the  back  for  10G 
uplink  modules. The  3400cl  48Gb 
has  the  same  uplinks  and  four 
fiber/copper  auxiliary  Gigabit 
ports,  but  it  includes  48  triple¬ 
speed  ports  on  the  front. 

“This  bodes  well  for  the  10 
Gigabit  market," says  Max  Filisi,  an 
analyst  with  IDC.  He  says  HP’s 


100,  three  ways 

HP’s  ProCurve  3400  series  switches,  which  have  24  or 
48  ports  of  10/100/1000M  bit/sec  Ethernet,  boast  three 
ways  to  uplink  with  10G  Ethernet. 

ProCurve  3400 
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O  Copper-based  10  ©  Fiber  media  converters  let  ©lOGBase-SR,  LR  and  ER 

Gigabit  CX  ports  allow  10G  Ethernet  CX-4  ports  ports  are  also  available  for 
connect  to  a  special  fiber 
cable,  for  longer  runs. 


for  short  stacking 
connections. 


longer  runs,  such  as  uplinks 
to  a  10G  backbone  router. 


switches,  which  will  let  803.3ak 
ports  be  connected  to  a  special 
fiber-optic  cable,  which  can 
extend  10G  reach  up  to  300  feet 
(about  as  far  as  Gigabit  Ethernet 
over  copper  can  go).  However, 
this  technology  won’t  be  avail¬ 
able  until  spring  2005. 


fcfc  We’re  seeing  more  vendors  getting  into 
[10G  Ethernet],  and  it's  a  testament  to  the 
fact  that  there  is  demand  for  the  technol¬ 
ogy  and  potential  for  growth.  99 


Max  Filisi 

Analyst,  IDC 

push  into  10G  with  lower-priced 
products  should  help  drive  adop¬ 
tion  of  the  technology  while  pres¬ 
suring  competitors  to  also  cut 
prices.  “We’re  seeing  more  and 
more  vendors  getting  into  [10G 
Ethernet] ,  and  it’s  a  testament  to 
the  fact  that  there  is  demand  for 
the  technology  and  potential  for 
growth.” 

The  slots  in  the  back  of  both 
boxes  can  be  fitted  with  several 
types  of  10  Gigabit  or  Gigabit 
uplinks.  Single-mode  and  multi- 
mode  10G  ports  are  supported,  as 
is  the  recently  approved  803.3ak 
standard  for  10G  Ethernet  over 
copper.  This  technology  uses  a 
CX-4  copper  Infiniband  cable  to 
link  switches  over  short  distances 
(50  feet).  HP  also  is  announcing  a 
copper-to-optical  module  for  the 


HP  says  the  CX-4-based  10G 
ports  are  good  for  stacking  3400s 
together,  or  for  linking  back  to  a 
core  switch  with  copper  10 
Gigabit  connections.  HP  says  it 
will  have  an  802.3ak  blade  for  its 
core  9300  series  switch  in  2005; 
Cisco  has  a  two-port  803.2ak-com- 
pliant  blade  for  the  Catalyst  6500. 

Besides  fast  port  speeds  and 
diverse  uplinks,  HP  says  its 
switches  also  offer  advanced  rout¬ 
ing  and  traffic  control  features, 
which  other  vendors  charge  extra 
for  on  competing  products.  HP 
says  the  3400s  come  with  full 
Layer  3  routing,  and  support  for 
Routing  Information  Protocol 
and  Open  Shortest  Path  First  pro¬ 
tocols,  as  a  standard  feature.  The 
switches  also  support  Layer  2,  3 
and  4  QoS  technologies,  such  as 


virtual  LAN  and  traffic  tagging, 
Resource  Reservation  Protocol 
and  Differentiated  Services. 

Price  is  another  differentiator 
HP  is  touting.  The  two-port  10 
Gigabit  module  starts  at  about 
$2,700  with  the  optics  starting  at 
$4,000  for  a  total  of  about  $3,350 
per  10  Gigabit  port.  This  is  about 
45%  to  60%  less  than  lOG-capable 
wiring  closet  switches  from 
Foundry  Networks  and  Extreme 
Networks,  which  also  charge  extra 
foi  full  Layer  3  capabilities. 

Pricing  for  the  3400  series 
products: 

•  24-port  3400cl-24Gb,  $3,760. 

•  48-port  3400cl48Gb,  $6,900. 

•  Dual-port  10  Gigabit  Ethernet 
Media  Flex  Module,  $2,700  and 
available  in  December. 

•  10GBase-CX-4  copper  mod¬ 
ules,  $1,700  and  available  in 
December. 

•  lOGBase-LR  single-mode-fiber 
module,  $4,000  and  available  in 
December. 

An  additional  multi-mode  10G 
module,  and  a  long-range  (25- 
mile)  single-mode-fiber  module 
will  be  available  in  the  second 
quarter  of  2005,  with  pricing  to  be 
determined.  The  CX-4  Optical 
Media  converter  also  will  be 
available  in  spring  2005.  ■ 
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Company  says  it  will  reveal  its  business 
service  management  strategy  and  products. 

■  BY  DENISE  DUBIE 

HP  later  this  month  is  expected  to  unveil  the  fruit  of  two  acquisitions 
that  the  company  says  will  help  customers  automate  the  detection 
and  resolution  of  application  performance  problems  and  maintain  IT 
service  levels. 

At  HP  Software  Universe  2004  in  Madrid,  HP  will  announce  its  plans 
to  couple  new  and  current  products  with  professional  services  that 
could  help  customers  adopt  IT  service  management  best  practices  as 
outlined  in  the  Information  Technology  Infrastructure  Library  for 
example. 

The  company  will  unveil  products  that  incorporate  technology  from 
Novadigm’s  systems  management  software  and  Consera’s  modeling 
tools.  HP  acquired  the  two  companies  earlier  this  year. 

HP  competitor  BMC  Software  last  month  announced  similar  plans 
with  the  release  of  its  Service  Impact  Manager  5.0,  which  BMC  says 
will  help  customers  quickly  synchronize  IT  infrastructure  components 
with  business  applications  and  let  customers  manage  IT  based  on  ser¬ 
vice  delivery. 

“I  am  looking  at  business  service  management  as  vapor-ware  right 
now;”  says  Jason  Kennedy  senior  analyst  and  system  engineer  at 
Tsunami  Communications, an  enterprise  IT  consulting  firm.The  buy-in 
and  leg  work  required  to  get  the  IT-business  alignment  done  right  now 
is  monstrous.” 

HP  also  needs  to  clearly  identify  to  whom  in  the  IT  organization  it 
will  target  its  products.  “This  is  not  as  easy  as  it  sounds  because  the 
technology  theoretically  should  be  used  by  and  give  value  to  many 
different  parts  of  IT  —  operations,  business  units,  developers,  even 
auditing  and  purchasing,” says  Jasmine  Noel,  principal  with  Ptak,Noel 
and  Associates. 

She  says  an  ideal  integration  would  use  Novadigm  technology  to 
discover  asset  configurations,  Consera  tools  to  map  the  relation¬ 
ships  between  assets  and  business  applications,  and  OpenView 
ServiceDesk  to  kick  off  problem  resolution  when  service  levels 
aren’t  met. 

For  now,  HP  has  moved  Novadigm’s  popular  systems  manage¬ 
ment  software  suite,  Radia,  under  its  own  HP  OpenView  Change 
and  Configuration  Management  solutions  brand.  Scott  Donaldson, 
vice  president  of  software  distribution  and  workspace  automation 
at  KeyCorp, a  bank-based  financial  services  company  in  Cleveland, 
reports  no  real  changes  in  product  support  or  technical  engineer¬ 
ing  since  HP  acquired  Novadigm.  He  is  in  the  process  of  imple¬ 
menting  Radia  OS  Manager  for  automated  provisioning  and  Radia 
Patch  Manager  for  applying  software  patches  to  systems. 

“Patch  management  is  an  obvious  area  in  which  HP  could  quickly 
get  a  lot  of  value  out  of  Novadigm’s  technology?’ says  George  Hamilton, 
a  senior  analyst  at  The  Yankee  Group. 

With  competitors  such  as  Computer  Associates  and  IBM  focusing  on 
security  management  products,  including  patch  and  identity  manage¬ 
ment,  Hamilton  says  HP  needs  to  up  its  security  management  product 
offerings  if  it  wants  to  offer  complete  IT  service  management.* 


Hate  hunting  for  stories  on  a  specific  topic?  Let  the  news 
come  to  you  with  Network  World’s  latest  news  alerts  — 
with  focuses  on  security,  financials,  standards,  trade 
show  news  and  vendor-specific  news. 

Sign  up  today  at 

www.nwhision.com 

DocFinder:  8526 


BECAUSE  HYBRID  IS 
ACTUALLY  NOT  A  SOLUTION. 

(EXCEPT  FOR  CARS.) 


Hybrid  is  as  hybrid  does.  And  when  it  comes  to  IP  Communications,  hybrid  doesn't  do  much  more  than  compromise.  Hybrid  doesn't  do  seamless 
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Communications  solutions  or  to  find  a  service  provider  that  offers  these  managed  services  over  a  Cisco  Powered  Network,  visit  cisco.com/domore. 

COMMUNICATION.  THE  NEW  FASHIONED  WAY.  CISCO  IP  COMMUNICATIONS. 


Cisco  Systems 


THIS  IS  THE  POWER  OF  THE  NETWORK.  nOW. 


® 


<52004  Cisco  Systems,  Inc.  All  rights  reserved. 


m  NetworkWorld 


11/1/04 


News 


www.nwfusion.com 


quipment  makers  revive  corp.  net  plans 


m  BY  JIM  DUFFY 

Traditional  telecom  equipment 
vendors  are  increasingly  targeting 
the  enterprise  network  market, 
banking  on  growing  demand  for 
packet-based  capabilities  similar 
to  those  for  carriers. 

The  fact  that  the  worldwide  mar¬ 
ket  for  packet-based  enterprise 
communications  equipment  is 
twice  as  big  as  that  for  service 
provider  equipment  has  not  been 
lost  on  Lucent  and  Nortel,  which 
are  rediscovering  network  reli¬ 
gion  after  disengaging  from  the 
market  to  different  degrees  in 
recent  years. 

Juniper,  meanwhile,  is  itching  for 
a  fight  with  Cisco,  the  runaway 
leader  in  the  enterprise  network 
market.  Juniper  has  begun  mount¬ 
ing  its  inaugural  quest  in  this  mar¬ 
ket,  an  effort  that  will  consist  of 
buying  and  building  technology 
and  market  share. 

“There  is  an  up  and  downside 
for  Juniper  in  the  fact  that  Cisco 
owns  90%  of  the  router  market,” 
industry  analyst  Nick  Lippis  said 
in  a  report  on  Junipers  enterprise 
aspirations.“On  the  up  side,  taking 
only  10%  of  this  market  would 
expand  Juniper’s  revenue  by 
nearly  50%.  On  the  downside, 
Cisco  does  not  only  own  90%  of 
the  market  share;  it  owns  perhaps 
100%  of  the  mind  share,  and  its 
customers  are  loyal.” 

But  those  customer  loyalties 
could  be  broken,  observers  say  As 
the  dominant  supplier  to  corpora¬ 
tions,  Cisco  commands  premium 
pricing.  And  not  all  its  products 
are  best-in-breed,  analysts  say 

Recognizing  this,  Juniper  made 
a  forceful  entry  into  the  enter¬ 
prise  network  market  with  Feb¬ 
ruary’s  acquisition  of  security 
vendor  NetScreen  Technologies, 
and  followed  with  the  launch  of 
its  J-Series  access  routers  in  June. 
Many  expect  Juniper  to  acquire  a 
presence  in  Layer  3  Ethernet 
switching  —  perhaps  via  Extreme 
Networks  (www.nwfusion.com, 
DocFinder:4463). 

Juniper  had  a  rough  third  quar¬ 
ter  in  the  enterprise,  however.  For 
the  period  that  ended  Sept.  30, 
Juniper  posted  security  product 
sales  of  $63.4  million,  about  $25 
million  below  analyst  estimates 
and  $32  million  below  the  sec¬ 
ond  quarter’s  results.  Security 
products  accounted  for  17%  of 
Juniper’s  third-quarter  revenue. 

Juniper  has  yet  to  recognize  rev¬ 
enue  for  the  J-series  routers, 
which  just  began  shipping. 
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Eyeing  enterprise 
networks 

With  the  worldwide  market  for 
packet-based  enterprise 
network  equipment  being 
roughly  twice  as  big  as  that  for 
packet-based  carrier  gear . . . 
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. . .  carrier  equipment  makers 
are  taking  a  closer  look  at  hot 
segments  of  the  enterprise 
network  market,  such  as 
wireless  LANs  and  IP  PBXs. 
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But  Juniper’s  not  expected  to 
stop  its  enterprise  incursions  at 
access  routers  or  security.  Ob¬ 
servers  say  to  look  next  year  for 
the  vendor  to  develop  or  acquire 
Layer  4-7  Ethernet  switching  and 
IP  PBX  capabilities,  and  and  per¬ 
haps  wireless  LAN  (WLAN)  and 
storage  networking  technolo- 
gies.These  areas  are  hot  in  enter¬ 
prise  networks  and  targeted  by 
rival  Cisco  as  billion-dollar  op¬ 
portunities.  Juniper  has  added 
70  people  to  its  R&D  team,  plus 
brought  in  100  more  sales  and 
marketing  people  to  help  boost 
awareness  of  its  efforts  across  all 
market  segments. 

“We  see  significant  opportunity 
in  expanding  the  corporate  net¬ 
working  and  security  side  of  our 
business,”  Juniper  CEO  Scott 
Kriens  said  during  a  third  quarter 
earnings  conference  call  two 
weeks  ago.  “The  opportunity  is 
growing.” 

Analysts  concur. 

“Anything  that  Cisco  might  sell  is 
something  that  [Juniper]  might 
look  at,”  says  Zeus  Kerravala  of 


The  Yankee  Group. 

Well,  not  everything,  Juniper 
says. 

“That  wouldn’t  be  a  very  smart 
strategy  for  this  or  any  company^ 
says  Christine  Heckart,  Juniper’s 
vice  president  of  marketing.  “For 
this  company  specifically  it  would 
not  be  very  consistent  with  what 
we’re  great  at  with  our  core  com¬ 
petencies.  Great  companies  build 
their  growth  strategy  around  their 
essence.” 

Juniper’s  essence  is  routing  and 
intelligent  packet  processing.That 
can  be  applied  in  a  lot  of  places, 
especially  in  some  of  the  hotter 
areas  of  enterprise  networking:  IP 
PBXs,  WLANs,  storage-area  net¬ 
working,  and  Layer  3  and  4-7 
Ethernet  switching. 

Some  analysts  say  Juniper  will 
move  to  enter  some  of  these  mar¬ 
kets  sooner  rather  than  later. 

“As  we  look  to  2005,  we  expect 
Juniper  to  be  more  aggressive  in 
the  enterprise  market,  not  only 
through  the  sales  and  marketing 
of  the  J-series  products,  but  also 
the  launch  of  a  broader  enter¬ 
prise  portfolio  through  internal 
development  and  through  acqui¬ 
sitions,”  says  Nikos  Theodoso- 
poulos,  a  UBS  Warburg  analyst,  in 
a  report  on  Juniper’s  recently 
ended  third-quarter  financials. 
“Technology  areas  we  believe 
Juniper  is  working  on  or  is  seek¬ 
ing  to  acquire  include  Layer  3-7 
switching  and  enterprise  VoIP’ 

Kerravala  says  Layer  4-7  switch¬ 
ing,  although  not  a  huge  or 
exploding  market,  is  an  area 
where  Juniper  could  make  an 
immediate  impact.  He  mentioned 
F5  Labs  as  a  possible  acquisition 
candidate. 

“It’s  a  relatively  niche  market, 
[and]  Cisco’s  products  aren’t  very 
strong,”  he  says.  “If  you’re  looking 
for  an  area  where  you  can  go  in 
and  make  some  noise  quickly  4-7 
would  probably  make  sense.” 

As  for  enterprise  VoIRa  few  sig¬ 
nificant  deals  struck  recently  by 
Cisco  —  Bank  of  America  and 
Ford  Motor  —  must  whet 
Juniper’s  appetite.  The  company’s 
current  enterprise  VoIP  strategy  is 
to  partner  with  IP  PBX  vendors 
such  as  Avaya,with  which  it  is  test¬ 
ing  and  demonstrating  interoper¬ 
ability  between  the  J-series 
routers,  security  software  and 
packet  PBXs. 

But  partnering  might  be  a  pre¬ 
cursor  to  insertion.  Juniper  did 
not  rule  that  out  for  enterprise 
VoIP  or  any  growing  market. 

“We  continually  assess  all  mar¬ 


ket  opportunities,”  Heckart  says. 
“It’s  an  ongoing,  systemic  process, 
which  is  what  took  us  into  the 
security  space  at  the  beginning  of 
this  year” 

Lucent’s  plan 

There’s  also  serious  growth 
opportunity  for  Juniper  partner 
Lucent.  Sales  of  Lucent’s  network 
management  software,  Ethernet/ 
SONET  transport  systems,  VPN 
firewalls  and  Accelerate  VoIP 
products  grew  30%  to  40%  over 
the  past  year,  and  are  expected  to 
exceed  that  this  year,  according  to 
Mark  Wilson,  Lucent’s  enterprise 
sales  vice  president. 


This  is  five  years  after  Lucent  jet¬ 
tisoned  its  enterprise  business, 
spinning  it  out  and  into  the  inde¬ 
pendent  company  Avaya. 

Lucent  builds  its  enterprise  pres¬ 
ence  through  indirect  channels 
and  partnerships,  such  as  those 
with  Sun  and  IBM  for  VoIP  and 
network  management,  re¬ 
spectively.  Sales  to  corporations 
account  for  just  more  than  1%  of 
Lucent’s  total  revenue. 

UBS  Warburg’s  Theodosopoulos 
expects  Lucent  to  tap  Juniper  to 
further  its  enterprise  ambitions. 

“We  also  believe  Lucent  is  incor¬ 
porating  Juniper  security  prod- 
See  Juniper,  page  16 


Top  Layer  unveils 
clustered  IPS 

■  BY  ELLEN  MESSMER 

Top  Layer  Networks  this  week  is  expected  to  unveil  a  clustered  ver¬ 
sion  of  its  intrusion-prevention  system  that  can  reach  8G  bit/sec 
throughput  while  supporting  inspection  and  traffic  blocking  through 
multiple  routers. 

The  Attack  Mitigator  IPS  5500  ProtectionCluster  combines  two  IPS 
5500  appliances  in  a  design  that  ensures  that  if  one  fails,  the  second 
will  continue  to  operate  at  up  to  4G  bit/sec  and  inspect  traffic  at  the 
packet  level  to  block  attempted  break-ins  and  denial-of-service  attacks. 
Top  Layer  says  ProtectionCluster  improves  on  previous  fail-over  mech¬ 
anisms  that  the  IPS  uses  by  supporting  the  asymmetric  routing  archi¬ 
tecture  that  large  organizations  favor. 

Mike  Paquette,  vice  president  of  technology  at  Top  Layer,  says  large 
organizations  sometimes  balance  traffic  across  two  routers  for  better 
performance  and  reliability  but  this  can  make  it  harder  for  an  IPS  to 
inspect  traffic. “It  can  confuse  the  IPS,”  Paquette  says,  because  session 
traffic  is  being  shared  between  routers. 

While  there  has  been  no  independent  lab  testing  of  IPS  products  that 
explore  the  effect  of  asymmetric  routing  and  high  availability  on  IPS 
efficiency  equipment-evaluation  firm  NSS  Group  is  expected  to  under¬ 
take  such  testing  late  next  year. 

One  customer  using  the  stand-alone  version  of  Attack  Mitigator  IPS 
5500  says  he  plans  to  upgrade  to  ProtectionCluster. 

“I  do  have  a  single  point  of  failure  here  so  I  plan  to  use  this,” says  Dave 
Foss,  manager  of  computer  systems  and  networking  at  the 
Massachusetts  Institute  of  Technology’s  research  laboratory  of  elec¬ 
tronics  in  Cambridge.The  Attack  Mitigator,  which  has  been  used  at  MIT 
for  about  a  year,  has  been  very  reliable,  he  says. 

MIT  uses  the  Attack  Mitigator  5500  as  the  firewall  for  four  MIT  depart¬ 
ments,  while  the  electronics  lab  is  the  only  one  that  has  elected  to  use 
Attack  Mitigator’s  blocking  capabilities.The  result  has  been“the  lab  has 
the  lowest  number  of  attacks  on  campus  for  a  large  sub-net,”  Foss  says. 

While  brief  downtime  on  a  university  campus  doesn’t  usually  consti¬ 
tute  a  crisis, that  is  not  necessarily  the  case  in  the  corporate  world, Foss 
notes.There,  IPS  backup  and  the  ability  to  support  asymmetric  routing 
and  fail-over  in  an  IPS  would  have  high  importance,  he  says. 

Although  Attack  Mitigator  IPS  5500  ProtectionCluster  can  achieve  up 
to  8G  bit/sec  throughput,  it  faces  a  far  lower  limit  of  2G  bit/sec  when 
used  to  inspect  traffic  for  content,  such  as  filtering  undesired  types  of 
file  attachments. 

The  product  costs  between  $50,000  and  $160, 000, depending  on  vari¬ 
ations  in  speed  and  ports.  ■ 
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Red  Sox  IT  department  caches  in  on  World  Series 


■  BY  BOB  BROWN 

The  Boston  Red  Sox,  newly  crowned 
champs  of  Major  League  Baseball,  tradi¬ 
tionally  haven’t  been  known  for  team 
speed.  Until  recently  neither  was  the  net¬ 
work  the  club  used  to  support 
news  reporters  and  photographers 
working  postseason  games  at 
Fenway  Park. 

But  the  organization  recently 
showed  quickness  in  coming  up 
with  a  system  designed  to  give 
reporters  faster  access  to  Web  sites  and 
enable  photographers  to  get  pictures 
online  more  quickly  while  covering  playoff 
games  from  the  storied  ballpark. 

IT  Director  Steve  Conley,  who  was 
reached  the  morning  after  the  Sox  dis¬ 
patched  the  St.  Louis  Cardinals  in  Game  4 
of  the  World  Series, says  the  trouble  began 
during  the  last  regular  season  series 
between  the  Red  Sox  and  New  York 
Yankees  in  September.  Members  of  the 
press  working  at  Fenway  complained  of 
poor  network  response  times,  the  result  of 
dozens  of  people  jamming  the  two 
bonded  T-l  lines  the  Sox  use  to  support 
the  media,  he  says. 

Conley  knew  things  could  only  get  worse 
with  the  Sox  heading  into  the  playoffs  in 


October,  given  the  inevitable  increased 
media  presence. 

Rather  than  dealing  with  the  long  lead 
times  and  hassles  of  bringing  up  addi¬ 
tional  T-ls,  Conley  opted  to  install  a  proxy 
appliance  from  Blue  Coat  Systems  that 
cached  the  Web  sites  most  fre¬ 
quented  by  media  members  seek¬ 
ing  statistics  and  other  informa¬ 
tion  as  they  reported  on  and  wrote 
about  the  playoff  games.  Conley 
says  the  Proxy  SG  800,  which  sits 
behind  the  organization’s  firewall, 
helped  slash  response  times  from  a 
“noticeable”  half-second  or  so  to  about 
one-twentieth  of  that. 

“We  didn’t  have  any  serious  network 
issues  the  entire  postseason,”  he  says.“Sixty 
or  seventy  percent  of  our  Internet  traffic 
wound  up  going  out  of  cache.” 

The  more  efficient  network  system,  which 
also  included  additional  wireless  access 
points,  let  photographers  on  the  field 
upload  photos  quickly  to  their  organiza¬ 
tions’  Web  sites  while  the  games  were  in 
progress,  Conley  says. 

The  Red  Sox  exploited  Blue  Coat’s  sys¬ 
tem  for  caching  capabilities,  which  is  the 
technology  that  gave  Blue  Coat  (formerly 
CacheFlow)  its  start.  Blue  Coat  also  offers 
anti-virus,  anti-spyware  and  other  applica- 


Avaya,  Polycom  team  on 
desktop  videophone 


■  BY  JASON  MESERVE 

Avaya  and  Polycom  have  teamed  to  cre¬ 
ate  a  desktop  videophone  that  lets  users 
place  a  video  call  by  dialing  a  standard 
telephone  number. 

The  combination  of  Avaya’s  VoIP  Soft- 
phone  application  and  Fblycom’s  Via  Video 
personal  conferencing  unit,  is  being 
dubbed  Avaya  Video  Telephony  Solution: 
Desktop  Edition.  The  package  is  powered 
by  the  new  Integrator  for  Fblycom  Video,  a 
piece  of  software  that  lets  an  Avaya  IP 
Softphone  5.1  client  control  the  Via  Video 
unit.  Via  Video  is  a  self-contained  camera 
and  microphone  system  with  digital  signal 
processing  chips  that  offload  the 
audio/video  compression  work  from  the 
attached  PC’s  main  processor. 

Application  users  can  place  a  normal 
telephone  call  and  the  Integrator  will  deter¬ 
mine  whether  the  recipient’s  system  can 
accept  video  and  either  prompt  the  user  to 
ask  if  they  want  to  use  video  or  launch  it 
automatically,  depending  on  the  prefer¬ 
ence  setting. 

“The  user  gets  to  leverage  the  telephony 
infrastructure  since  they’re  placing  a  voice 
call  first,”  says  Greg  Brophy,  senior  product 
manager  at  Avaya.  “They  can  use  forward 
and  coverage  [such  as  voice  mail]  and 
[send  the  call]  to  non-video  endpoints.” 


One  drawback  to  the  system  is  that  it  can 
only  be  used  for  point-to-point  calls  be¬ 
tween  similarly  equipped  systems.  One 
cannot  participate  in  a  multi-point  video 
call  or  connect  with  a  Fblycom  videocon¬ 
ferencing  appliance.  Multipoint  and  Web¬ 
cam  support  are  scheduled  for  the  next 
release  due  out  in  the  first  half  of  2005, 
Brophy  says. 

This  is  the  first  product  announcement 
from  the  two  companies  since  they  signed 
a  development  agreement  in  December 
2003.  While  both  companies  promise  more 
products  and  tighter  integration  between 
Avaya  telephony  and  Polycom  video, 
they’re  not  as  far  along  as  their  chief  com¬ 
petitors,  Cisco  and  Tandberg,  says  Brent 
Kelly,  an  analyst  at  Wainhouse  Research. 

“This  is  the  first  fruits  of  alliance  as  far  as 
products  go,”  Kelly  says.  “The  real  big  step 
forward  is  when  multipoint  and  [the  ability 
to  call]  other  video  systems  is  rolled  out.” 

Avaya  and  Polycom  are  selling  the  Soft- 
phone/ViaVideo  package  for  $429.  Users 
that  already  have  a  Softphone  5.x  client 
and  a  Via  Video  unit  can  download  the 
Integrator  application  for  free.B 
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tions  on  its  appliances.  Conley  says  the 
Red  Sox  will  consider  adopting  some  of 
that  technology,  including  for  its  front 
office  network. 


“We  haven’t  had  much  rest  for  the  last 
couple  of  months,”  Conley  says.“Hopefully, 
we’ll  be  able  to  step  back  soon  and  look  at 
what  we  need.”B 
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Data  center  cooling  issue  heats  up 


■  BY  DENI  CONNOR 

ORLANDO  —  IT  professionals 
often  over-build  their  cooling  and 
power  systems  in  data  centers 
because  they  misunderstand  or 
miscalculate  necessary  thermal 
requirements,  experts  say 

Such  misjudgments  can  result 
in  the  unnecessary  purchase  and 
installation  of  hundreds  of  thou¬ 
sands  of  dollars  of  computer 
room  air  conditioning  (CRAC) 
units  and  power  supplies,  and  far- 
too-cool  data  centers. 

“Data  center  managers  are  not 
understanding  the  power  and 
heating  requirements  of  servers 
and  storage,” says  Brian  Garrett,  an 
analyst  for  Enterprise  Strategy 
Group.  “There  is  a  huge  problem 
over-provisioning  the  data  center” 

At  Storage  Networking  World 
last  week  in  Orlando,  Don  Beaty, 
president  of  DLB  Associates,  an 
engineering  and  consulting  firm, 
told  attendees  that  discrepancies 
exist  between  the  power  require¬ 
ments  given  on  the  nameplate 
on  the  back  of  the  system  and  on 
the  detailed  configuration  speci¬ 
fications  that  vendors  such  as 
EMC.HRIBM  and  Sun  prepare  for 


Goofing  and  power 
recommendations 

Among  the  guidelines 
found  in  Thermal  Guide¬ 
lines  for  Data  Processing 
Environments,  www. 
nwfusion.com,  DocFinder 
4459: 

•  Dry  bulb  temperature  = 

68-77°  F 

•  Recommended  relative 
humidity  =  40-55% 

•  Maximum  dewpoint  = 

63°F 

•  Maximum  rate  of  change  = 

9°  F  per  hour 

•  Maximum  elevation  = 

10,000  feet 


the  equipment  when  they  manu¬ 
facture  and  test. 

IT  often  will  err  on  the  side  of 
caution  and  use  the  nameplate 
information  to  calculate  the 
amount  of  cooling  and  power 
they  need  when  they  add  servers 
or  storage. 

The  discrepancy  between  the 


nameplate  information  and  the 
detailed  specification  can  lead 
to  an  overestimation  of  power 
requirements  of  25%  or  more, 
Beaty  said. 

“Equipment  nameplates  are 
not  a  good  source  for  character¬ 
izing  the  power  and  cooling 
load,”  he  said.  “Nameplates  are 
regulatory-required  labeling 
focused  on  safety”  alone. 

The  nameplate  information  is 
based  on  a  future  capability  for  a 
fully  configured  and  loaded  sys¬ 
tem,  while  the  thermal  report 
reflects  both  the  minimum  and 
maximum  power  loads  required 
for  the  current  system. 

Nameplates,  while  listing  ab¬ 
solutely  safe  requirements  for 
operation  in  the  harshest  condi¬ 
tions,  should  not  be  used  to  cal¬ 
culate  thermal  conditions, 
Beaty  said. 

Instead  he  pointed  IT  to  ther¬ 
mal  reports  that  companies  such 
as  EMC  and  Cisco  complete  on 
their  products. 

These  reports,  which  vendors 
developed  in  cooperation  with 
the  American  Society  of  Heating 
Refrigerating  and  Air-Condition¬ 
ing  Engineers  (ASHRAE),  are 


now  included  with  any  new  gear 
users  buy. 

For  instance,  the  IBM  Server 
Model  520  Thermal  Report 
shows  a  heat  release  of  420  watts 
for  the  minimum  configuration 
and  600  watts  for  the  maximum 
configuration  while  the  name¬ 
plate  indicates  1,000  watts,  a  40% 
to  60%  increase. 

If  a  data  center  manager  was  to 
have  an  additional  CRAC  unit 
installed  to  supplement  this  40% 
to  60%  power  increase,  it  would 
cost  approximately  $100,000. 

But  Beaty  added  that  it  is  not 
always  easy  for  IT  to  get  a  copy 
of  the  Thermal  Report  from  their 
vendors. 

“The  manufacturers  are  just 
starting  to  modify  their  docu¬ 
mentation  to  use  the  Thermal 
Report, so  it  currently  is  not  easy” 
he  said.  “Publicity  will  help  to 
expedite  this.” 

Beaty  also  recommended  IT 
managers  purchase  a  book 
ASHRAE  published  this  year 
called  Thermal  Guidelines  for 
Data  Processing  Environments, 
which  will  help  them  better 
understand  power  and  cooling 
issues  in  their  data  centers.  ■ 
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Vendors  tout  WLAN  security  products 

Newbury  Networks,  Funk  Software  focus  on  implementing  802.1 1i  features. 


■  BY  JOHN  COX  AND  ELLEN  MESSMER 

New  software  from  two  vendors  is  intended 
to  boost  security  for  wireless  LANs,  one  target¬ 
ing  the  network,  the  other  wireless  clients. 

Newbury  Networks  added  to  its  WiFi  Watch¬ 
dog  software  new  features  to  isolate  unautho¬ 
rized  access  points  by  disconnecting  corpo¬ 
rate  wireless  clients  that  connect  to  them  acci¬ 
dentally.  Separately  Funk  Software  has 
released  its  Odyssey  Client  3. 1  for  Windows 
computers.  The  major  change  is  complete 
implementation  of  the  802.1  li  security  stan¬ 
dard,  certified  by  the  Wi-Fi  Alliance. 

Newbury’s  Watchdog  combines  radio  fre¬ 
quency  sensors  with  patent-pending  algo¬ 
rithms  to  pinpoint  the  location  of  a  WLAN 
client  or  access  point.  Using  that  data,  network 
managers  can  not  only  see  where  these 
devices  are  in  a  building  or  site,  but  also  en¬ 
force  security  policies  keyed  to  locations. 

Watchdog  4.0  now  can  forcibly  disconnect 
wireless  clients  from  connecting  with  unau¬ 
thorized  WLANs,  whether  a  hostile  rogue  pre¬ 
tending  to  be  a  legitimate  device  or  simply  an 

Security 

Subscribe  to  our  free  newsletter. 
DocFinder:  5434  www.nwfusion.com 


access  point  in  a  nearby  coffee  shop.  The 
Watchdog  sensors,  monitoring  the  radio 
waves,  pick  up  the  signals  from  the  access 
point  and  client,  and  the  location  software 
detects  whether  the  former  is  outside  the 
building’s  walls  or  in  an  unauthorized  loca- 
tion.Then  the  sensor  can  send  out  packets  that 
break  the  client’s  connection. 

The  new  release  also  adds  packet  inspection 
agents  to  detect  packet  contents  and  patterns 
that  indicate  possible  attacks. The  sensors  for¬ 
ward  802.11  packets  to  the  inspection  agents 
for  analysis.  The  agents  pass  any  identified 
threats  to  the  WiFi  Watchdog  server,  which  cor¬ 
relates  the  threat  information  with  location 
data,  and  then  trips  an  alarm. 

Finally,  Newbury  added  a  set  of  tools  to  make 
it  easier  to  create  scripts  for  detecting  and 
responding  to  new  WLAN  threats. 

Version  4.0  costs  $15,000,  which  includes  10 
Watchdog  radio  sensors. 

Securing  the  client 

Funk  Software’s  new  802. 1 1  i-compliant  soft¬ 
ware  aims  at  improving  security  on  Windows- 
based  clients.  Most  vendors  in  the  WLAN  mar¬ 
ket  are  racing  to  add  the  improved  encryption 
and  authentication  to  their  products,  and  to 
gain  Wi-Fi  Alliance  certification. 

Odyssey  Client  3.1  is  adding  support  for  an 


authentication  standard  called  Extensible 
Authentication  Protocol-Subscriber  Identity 
Module  used  in  GSM-based  wireless  networks 
and  Cisco’s  authentication  protocol,  Flexible 
Authentication  via  Secure  Tunneling  (FAST), 
which  Cisco  has  proposed  as  an  open  stan¬ 
dard  by  submitting  it  to  the  IETF 

FAST  has  been  added  to  Cisco’s  Server  ACS 
Security  Server  and  Aironet  wireless  adapter 
cards,  and  the  Funk  Odyssey  client  software, 
expected  out  in  beta  next  week,  would  allow 
user  authentication  via  FAST. 

The  next  Odyssey  client  also  will  be  able  to 
give  an  order  that  makes  sure  a  Windows  com¬ 
puter  is  always  logged  into  what’s  called  a 
machine  account,  whether  on  a  wired  or  wire¬ 
less  network.  The  machine  account  gives 
access  to  administrators  and  some  applica¬ 
tions.  This  feature  duplicates  capabilities  in 
Microsoft’s  wireless  supplicant,  which  is  part  of 
XPaccording  to  Funk  executives. 

The  Odyssey  client  costs  about  $50,  with  vol¬ 
ume  discounts.* 
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in  real  time— in  seconds.  Application  deployment  and  reprovisioning  become  an  automated  process.  From  single  console  remote 
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•  93%  fewer  cables 

networked  managment  through  a  single  console 

•  Hot-swappable  server  design 
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•  Rapid  Deployment  Pack:  For  ease  of  deployment 
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Contact  HP  today  for  a  free  IDC  white  paper:  Adapting 
to  Change:  BladeSystem  Moves  into  the  Mainstream 
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Scanning  electron  microscope  image  of  zinc  whiskers  found  growing  on  the 
underside  of  a  zinc-plated  steel  raised  floor  panel. 


Whiskers 

continued  from  page  1 

In  a  sense  they  were,  but  by 
the  most  unlikely  of  suspects: 
microscopic  metal  strands 
called  zinc  whiskers  that  were 
growing  on  the  bottom  of  the 
data  centers  raised-floor  tiles. 

It  all  started  in  2002, shortly 
after  the  Toronto  company  had 
an  outfit  in  to  clean  up  its  data 
center. 

“A  couple  of  weeks  later  our 
servers  started  failing.  Mother¬ 
boards,  hard  drives,  you  name  it,” 
Harris  says.“We  put  in  new  boxes 
and  sure  enough,  they  failed  too.” 

Harris  says  the  IT  team,  which 
at  the  time  was  overseeing  a  col¬ 
lection  of  about  50  servers, 
exhausted  all  avenues  trying  to 
solve  the  mystery  Finally,  the 
mention  at  a  conference  of  a 
similar  problem  led  Baycrest  to 
find  that  when  the  cleaning  crew 
raised  the  data  center  floor  tiles, 
the  conductive  zinc  filaments  — 
just  a  few  millimeters  long  and  a 
few  microns  in  diameter  —  went 
airborne, short-circuiting  the 
servers. 

“We  try  to  spread  the  word 
now”  says  Harris,  who  estimates 
Baycrest  spent  at  least  $100,000 
replacing  floor  and  ceiling  tiles 
and  giving  the  data  center  a 
deep  cleansing.“We  don’t  want 
others  to  go  through  what  we 
did.” 

While  metal  whiskers  were 
new  to  Baycrest,  they’ve  actually 
been  known  since  the  1940s 
when  Bell  Labs  discovered  them 
in  telecom  environments.  Zinc 
whiskers  are  thought  to  “grow”  as 
a  result  of  molecular  stress, 
whereby  the  zinc  used  to  keep 
steel  on  the  bottom  of  the  tile 
from  rusting  tries  to  separate 
itself  from  the  steel.  Whiskers 
have  been  found  to  form  in  a 
vacuum,  but  heat,  humidity  and 
other  environmental  factors  also 
have  been  suggested  as  triggers. 
The  metal  filaments  have  been 
discovered  growing  in  cabinets 
and  other  data  center  spaces. 

Like  many  IT  problems,  zinc 
whiskers  aren’t  something  that 
companies  victimized  by  them 
often  discuss  openly  perhaps  for 
fear  of  making  the  IT  infrastruc¬ 
ture  appear  vulnerable  or  the  IT 
management  team  seem  negli¬ 
gent.  As  a  result,  many  IT  shops 
don’t  even  think  to  look  for 
whiskers  when  data  center 
equipment  goes  on  the  blink.  In 
fact,  looking  for  them  is  pretty 
tough  in  the  first  place  because 
they  are  barely  distinguishable 
with  the  naked  eye  from  dust. 
However,  by  shining  a  light  paral¬ 


lel  to  the  bottom  surface  of  a 
zinc  whisker-covered  floor  tile 
will  let  the  viewer  see  the 
whiskers,  or  more  precisely, 
reflections  of  them. 

David  Loman,  a  power  and 
environmental  specialist  for  HP 
speculates  that  if  he  asked  10  IT 
managers  about  zinc  whiskers 
only  two  would  know  what  they 
were.“When  I  tell  people  they’ve 
got  zinc  whiskers  they  look  at 
me  like  I’ve  grown  antennas  out 
of  my  head,”  he  says. 

Loman  says  one  way  that  zinc 
whiskers  are  identified  is  through 
a  distinctive  popping  sound  that 
power  supplies  emit  as  they  are 
snuffed  out  by  the  whiskers.  He 
recalls  one  customer  whose  data 
center  lost  dozens  of  power  sup¬ 
plies  after  an  old  upflow  air  con¬ 
ditioning  system  and  a  new 
downflow  one  were  turned  on  at 
the  same  time,  scattering  zinc 
whiskers  everywhere.“It  sounded 
like  popcorn,”  he  says. 

Those  familiar  with  zinc 
whiskers  say  it  would  behoove  IT 
shops  to  study  up  on  the  conta¬ 
minant.  While  the  sort  of  electro¬ 
plated  wood-core  floor  tiles 
thought  to  have  spawned  most 
zinc  whiskers  are  for  the  most 
part  no  longer  being  made  or 
installed,  plenty  of  older  tiles 
remain  in  data  centers.  What’s 
more,  new  compact  data  center 
gear,  such  as  blade  servers  that 
squeeze  components  into  small¬ 
er  spaces,  are  thought  to  be 
more  susceptible  to  whiskers. 

“1  thought  the  problem  would 
have  peaked  once  manufactur¬ 
ers  ran  out  of  the  old  tiles,  but 
over  the  last  couple  of  years  I 
haven’t  seen  the  problem  abate.  I 
think  it’s  grown,” says  Rich  Hill, 
who  heads  up  a  data  center 
cleaning  company  called  Data 
Clean  that  comes  across  a  zinc 
whisker  problem  about  every 
two  weeks. 

“People  had  mainframes  for 
years  without  any  problems  from 
whiskers,”  Hill  says.“Invariably  the 


newer  equipment  is  what  has  the 
problems.” 

Data  center  consultant  Bob 
Sullivan  says  whisker  problems 
grew  as  computer  systems  were 
built  with  more-powerful  cooling 
fans.“They  sucked  the  whiskers 
right  in,”  says  Sullivan,  dubbed  by 
some  as  the  “Father  of  Zinc 
Whiskers.”While  at  IBM  in  the 
early  1990s,  his  team  discovered 
that  metal  whiskers  caused  prob¬ 
lems  with  certain  of  the  compa¬ 
ny’s  storage  devices.  He  also 
spearheaded  development  of 
remediation  processes. 

HP’s  Loman  says  it  isn’t  so 
much  the  way  the  guts  of  new 
equipment  is  being  designed  — 
with  components  closer  to  one 
another  —  that  makes  them 
more  susceptible  to  whiskers. 
Rather,  he  says  it  is  that  more  of 
the  systems  now  can  be  packed 
into  a  rack,  making  it  more  likely 
that  if  zinc  whiskers  are  in  the 
air,  more  equipment  will  be 
affected. Whiskers  rarely  get 
more  than  about  three  feet  off 
the  floor,  but  they  do  tend  to 
congregate,  he  says. 

Loman  says  manufacturers 
have  taken  steps  to  prevent  com¬ 
panies  from  having  their  data 
centers  devastated  by  zinc 
whiskers.  For  example,  he  says 
power  supplies  in  data  center 
gear  are  now  usually  protected 
with  a  plastic  coating  that  keeps 
contaminants  at  bay.  Also, 
because  most  power  supplies 
are  now  disposable,  if  they  get 
zapped  by  zinc  whiskers,  he  says 
they  can  easily  be  swapped  out 
for  new  power  supplies.  HP  and 
other  vendors  also  make  men¬ 
tion  of  zinc  whiskers  in  data  cen¬ 
ter  site  planning  materials. 

Metal  whiskers  are  still  not  well 
understood,  though, says  Jay 
Brusse,  a  component  engineer 
for  NASAs  Goddard  Space  Flight 
Center  who  collects  information 
on  whiskers  at  a  Web  site  (see 
www.nwfusion.com,  DocFinder: 
4439).  NASA  stepped  up  research 


into  tin  whiskers  in  the  late  1990s 
after  hearing  about  a  non-NASA 
commercial  satellite  whose  fail¬ 
ure  was  attributed  to  tin 
whiskers,  but  has  expanded  the 
site’s  focus  to  cover  zinc  and 
other  metal  whiskers,  he  says. 

“High-end  computing  compa¬ 
nies  I’ve  talked  to  tell  me  that 
things  could  actually  get  a  little 
worse  before  they  get  better 
since  new  equipment  still  is 
being  installed  in  archaic  rooms 
that  have  had  plenty  of  time  to 
grow  crops  of  whiskers,”  he  says. 

Another  lingering  issue  with 
zinc  whiskers  is  whether  they 
could  have  any  effect  on  the 
health  of  data  center  employees, 
though  experts  say  research  has 
been  limited  and  that  no  evi¬ 
dence  has  shown  a  link  between 
the  whiskers  and  health  prob¬ 
lems.  IBM  employees  used  to 
joke  that  zinc  whiskers  might 
even  improve  their  libidos,  Sul¬ 
livan  says. 

“The  joke  was  that  you  should 
stick  your  head  under  the  floor 
before  heading  home  for  the 
weekend,”  he  says. 

To  put  whiskers  in  perspective, 
Loman  notes  that  other  prob¬ 
lems  his  group  investigates 
includes  data  center  damage  in 
the  wake  of  disasters,  such  as  the 
World  Trade  Center  attacks  and 
volcanic  eruptions.  He  says  his 
group  comes  across  maybe  six 
zinc  whisker  instances  per  year, 
but  the  cases  tend  to  be  signifi¬ 
cant  in  terms  of  the  remediation 
required,  which  he  describes  as 
costly  and  time-consuming. 

Those  experienced  with  zinc 
whiskers  say  there  is  only  one 
way  to  get  rid  of  them. 

“The  tiles  have  to  be  replaced,” 
Loman  says,  noting  that  the 
whiskers  can  fairly  easily  be 
blown  out  of  equipment.  He 
says  experiments  have  been 
done  to  cover  tiles  growing  zinc 
whiskers  with  epoxy,  but  that 
whiskers  have  grown  through 
the  coating. 

Baycrest’s  Harris  says  that, 
among  other  things,  his  organi¬ 
zation  moved  its  air  condition¬ 
ing  system  from  the  floor  into 
the  ceiling. The  organization 
also  now  greatly  limits  the  num¬ 
ber  of  people  in  its  data  center, 
figuring  that  less  foot  traffic 
means  fewer  contaminants  have 
a  chance  to  be  shaken  into 
action. 

“When  we  first  heard  about 
zinc  whiskers  we  said, ‘You  must 
be  joking  with  us,’”  Harris  says. 
“But  it’s  no  joke.”B 

Get  more  information  online. 
DocFinder:  4462 
www.nwfusion.com 


Juniper 

continued  from  page  12 

ucts  in  its  enterprise  offer,  as 
Lucent  tries  to  increase  its  pres¬ 
ence  in  the  enterprise  market,” he 
says  in  his  Juniper  report. 

Wilson  says  there  is  currently 
no  arrangement  with  Juniper  to 
sell  enterprise  products. 

But  Kriens  says  all  Juniper’s 
partners  —  which  include 
Siemens  and  Ericsson,  in  addi¬ 
tion  to  Lucent  —  are  “in  some 
stage  of  evaluation”  of  the  low 
end  of  Juniper’s  router  product 
line  or  its  security  products. 

Nortel's  enterprise 
aspirations 

So  perhaps  Juniper  and  Lucent 
understood  why  rival  Nortel 
retained  its  $2  billion  enterprise 
operations  after  many  expected 
the  company  to  sell,  spin  off  or 
otherwise  detach  it  this  summer 
to  make  up  a  profit  shortfall. 
Nortel  CEO  Bill  Owens  consid¬ 
ered  that  but  held  onto  it  be¬ 
cause  the  enterprise  market  is 
driving  convergence  —  and  ser¬ 
vice  provider  business. 

In  an  interview  with  Network 
World  in  August,  Owens  said  he 
recognized  that  Nortel’s  enter¬ 
prise  business  —  a  distant  sec¬ 
ond  to  Cisco  in  Ethernet  switch¬ 
ing  —  is  a  “leader”  in  bundling 
packet  switching  systems  for 
companies  looking  to  integrate 
voice,  video  and  security  applica¬ 
tions.  He  said  these  sys¬ 
tems  would  be  attractive 
to  Nortel’s  service  provider  cus¬ 
tomers  as  customer  premises 
equipment  components  of  a 
managed  service  offering. 

Owens  also  said  the  enterprise 
network  market  can  springboard 
Nortel  into  the  booming  govern¬ 
ment  vertical  market,  which  he 
said  is  spending  tens  of  billions  of 
dollars  per  year  in  the  U.S.  alone 
(DocFinder: 4464). Enterprise  net¬ 
work  revenue  accounted  for  22% 
of  Nortel’s  preliminary  first  half 
results  of  $5. 1  billion, contributing 
more  than  the  company’s  tradi¬ 
tional  markets  of  wireline  (17.5%) 
and  optical  (10%). 

Some  enterprise  network  users 
say  they  are  very  comfortable 
buying  their  gear  from  telecom 
vendors. 

“Some  of  the  products  we’ve 
seen  coming  out  recently  are 
things  we’ve  been  looking  fori’ 
says  Howard  Rubin,  director  of  IS 
at  healthcare  network  Care  New 
England  in  Rhode  Island,  a 
Nortel  shop. 

“So  they  seem  to  be  responding 
to  their  customers’  require¬ 
ments,”  he  says.  ■ 
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Biometrics  benefits,  challenges  airs 


■  BY  JEFF  CARUSO 

NEW  YORK  —  In  a  conference 
room  overlooking  the  site  of  the 
World  Trade  Center,  early  adopt¬ 
ers  of  biometrics  technology  last 
week  stressed  the  importance  of 
determining  someone’s  true 
identity. 

Attendees  of  the  Fall  2004 
Biometrics  Summit  heard  about 
the  challenges  and  benefits  seen 
by  those  who  would  implement 
biometrics  both  before  and  after 
the  Sept.  11  attacks  that  put  a 
greater  focus  on  security  They 
also  heard  about  why  some  com¬ 
panies  still  aren’t  ready  for  bio¬ 
metrics,  technology  that  uses  per¬ 
sonal  characteristics  of  users  to 
identify  them. 

Acknowledging  that  most  of  the 
Sept.  11  attackers  used  drivers’ 
licenses  to  board  the  airplanes 
they  used  as  weapons,  one  pre¬ 
senter  said  biometrics  should  be 
a  key  tool  in  conjunction  with 
better  verification  of  identity-pro¬ 
ving  documents,  in  the  process  of 
obtaining  drivers’  licenses. 

Illinois  was  the  first  to  use  facial 
recognition  technology  in  its 
Department  of  Motor  Vehicles, 
four  years  before  Sept.  1 1 ,  and  the 
state  is  preparing  an  upgrade  to 
its  systems,  said  Beth  Langen, 
administrator  of  the  policy  and 
programs  division  of  the  Driver 
Services  Department  in  the 
Illinois  Office  of  the  Secretary  of 
State.  The  measures  have  helped 
combat  fraud,  catching  those 
who  try  to  get  multiple  licenses 
for  different  identities. 

“One  guy  came  in  a  couple  of 
times  a  day,  to  different  facilities, 
to  get  licenses,”  Langen  said. 
Another  woman  had  13  identities 
and  used  them  for  theft.  She  was 
caught  and  imprisoned.  In  all, 
1,700  cases  of  fraud  have  been 
discovered  using  the  facial  recog¬ 
nition  software,  with  173  people 
claiming  three  or  more  identities. 

Originally  the  department  had 
considered  using  fingerprint 
readers,  but  went  with  facial 
recognition  for  several  reasons. 
It’s  passive  and  non-intrusive. 
“When  you  come  to  a  DMY  you 
expect  to  get  your  picture  taken,” 
Langen  said.  By  contrast,  people 
associate  fingerprinting  with  hav¬ 
ing  been  arrested,  she  said. 

Huge  volumes  of  pictures  have 
been  added  to  the  department’s 
database.  It  now  contains  16  mil¬ 
lion  pictures,  and  it  is  growing  by 
8,000  to  12,000  every  day.At  night, 


the  system  goes  through  all  the 
new  pictures  to  see  if  any  faces 
match  those  already  on  record.  If 
there  are  some  that  look  similar, 
they  are  sent  to  a  fraud  unit  in  the 
morning,  which  compares  demo¬ 
graphic  data  and  signatures  to 
determine  if  the  similar-looking 
people  are  one  and  the  same. 

Getting  employees  acclimated 
to  using  biometrics  equipment 
was  a  challenge  discussed  by 
those  at  the  conference. 

Clarendon  Insurance  Group  in 
New  York  installed  fingerprint 
readers  both  for  entry  to  the  build¬ 
ing  and  for  logging  on  to  comput¬ 
ers.  The  insurance  company  was 


■  BY  ANN  BEDNARZ 

BEA  Systems  this  week  is  ex¬ 
pected  to  announce  plans  to 
pool  its  infrastructure  software 
with  partner  technologies  in 
combinations  the  company  says 
will  help  solve  its  customers’  busi¬ 
ness  problems. 

On  tap  are  five  different  bundles 
built  around  BEAs  WebLogic  Plat¬ 
form  8.1  and  incorporating  hard¬ 
ware,  software  and  services  from 
BEA  partners.The  bundles  are  in¬ 
tended  to  streamline  business 
processes  that  span  multiple 
applications  and  data  sources. 

The  Customer  Service  frame¬ 
work  combines  BEAs  application 
infrastructure  software  —  includ¬ 
ing  its  development  tools,  appli¬ 
cation  server,  portal  and  integra¬ 
tion  server  —  with  technology 
from  partners  including  Hyper¬ 
ion,  EMC’s  Documentum  division 
and  Interwoven. 

It’s  designed  to  help  companies 
improve  customer  service  while 
reducing  the  expense  of  serving 
customers  through  different 
channels  such  as  the  Web,  call 
centers  and  mobile  devices,  BEA 
says.  The  vendors  have  done  the 
upfront  work  to  integrate  their 
applications. 

For  example,  a  company  could 
use  WebLogic  tools  to  build  a  por¬ 
tal  from  which  customers  can  file 
service  requests,  pay  bills  and 
check  the  status  of  prior  transac¬ 
tions.  Then,  with  technology  from 
speech  application  specialist 
SandCherry,  companies  can 
make  those  online  resources 
available  to  mobile  users  through 


helped  by  identity  management 
software  vendor  Daon,  which 
made  sure  users  were  prepped  for 
the  shift  to  biometrics. 

Working  with  Clarendon’s  hu¬ 
man  resources  department,  Daon 
put  together  “welcome  packs”  for 
users,  said  Leo  Ring,  vice  presi¬ 
dent  of  business  development  at 
Daon.  The  pack  contained  little 
stuffed  koala  bears  —  because 
they  are  the  only  animal  with  fin¬ 
gerprints  —  and  wipes  for  keep¬ 
ing  the  fingerprint  readers  clean. 

Before  getting  buy-in  from 
users,  buy-in  from  top  executives 
is  paramount.  Scott  Sykes,  group 
manager  of  strategic  technology 


a  voice  user  interface. 

In  this  way,  users  “don’t  have  to 
build  separate  silos  for  Web,  call 
center,  mobile  and  voice,”  says 
Mark  Atherton,  vice  president 
of  BEA’s  enterprise  solutions 
group.  “There’s  one  infrastruc¬ 
ture  that  brings  it  all  together  so 
companies  can  expose  the 
same  content,  through  different 
partner  technologies,  to  differ¬ 
ent  channels.” 

Another  framework  being  intro¬ 
duced  this  week  is  aimed  at  help¬ 
ing  financial  services  companies 
streamline  complex  trade  man¬ 
agement  processes.  BEAs  Trade 
Processing  framework  includes 
portal  technology  —  for  handling 
institutional  trades,  filtering  re- 


at  Capital  One  in  McLean,  Va., 
encountered  a  lot  of  resistance  to 
his  ideas  for  bringing  biometrics 
technology  into  the  financial  ser¬ 
vices  firm. 

The  fundamental  point  of  resis¬ 
tance  was  whether  the  reduced 
risk,  cost  savings  and  increased 
efficiency  outweigh  the  expense, 
Sykes  said.  A  lot  of  the  potential 
benefit  is  hard  to  quantify.  But  the 
cost  is  easy  to  measure:  $5  million 
over  the  first  two  years,  tapering 
off  to  $400,000  per  year  for  main¬ 
tenance  and  operation. 

While  one  could  argue  that  bio¬ 
metrics  provides  security  benefits 
over  a  password  system,  are  the 


search  content  and  handling  ex¬ 
ceptions  such  as  broken  trades  — 
and  monitoring  and  analytic 
tools  for  keeping  tabs  on  multi- 
step  trade  processes. 

Behind  the  scenes,  BEAs  ser- 
vices-oriented  architecture  tech¬ 
nology  ties  together  all  the  re¬ 
sources,  the  company  says. 

By  service-enabling  key  applica¬ 
tions  —  such  as  treasury  manage 
ment,  credit,  trade  and  finance 
programs,  in  the  case  of  the  trade 
processing  framework  —  compa¬ 
nies  can  weave  together  data 
from  multiple  systems  without 
tampering  with  the  applications, 
Atherton  says.  The  WebLogic 
Platform,  through  its  integration 
controls  and  portlets,  makes  the 


benefits  that  much  greater? 

“Getting  security  folks  to  release 
the  use  of  a  password  is  very  diffi¬ 
cult,”  Sykes  said. 

Single  sign-on  can  be  difficult  to 
integrate  with  biometrics  sys¬ 
tems.  Biometrics  readers  aren’t 
built  into  laptop  or  desktop  com¬ 
puters,  making  the  readers  a  has¬ 
sle  to  add  into  a  network.  Privacy 
concerns  are  also  an  issue.  Until 
these  hurdles  are  overcome,  bio¬ 
metrics  will  have  a  hard  time  get¬ 
ting  a  foothold  in  most  enterprise 
companies,  Sykes  said. 

“There’s  really  no  pull.  There’s 
really  no  push.  It’s  kind  of  in  ‘levi¬ 
tation’  right  no\y”  he  said.  ■ 


necessary  connections. 

“You  don’t  have  to  actually  drop 
down  into  those  systems  them- 
selves.They  provide  the  logic  and 
the  capabilities  that  you  want  to 
have,  but  it  gets  abstracted  up  a 
layer?  Atherton  says. 

Taking  advantage  of  pre-inte- 
grated  resources  could  make 
development  tasks  easier,  says 
Rajan  Jena,  enterprise  architect  at 
Oncology  Therapeutic  Network 
(OTN).  The  San  Francisco  com¬ 
pany  which  provides  oncology 
medical  practices  with  products 
and  services  including  distribu¬ 
tion  of  cancer  drugs,  launched  an 
employee  portal  earlier  this  year 
that  pools  data  from  multiple  cus¬ 
tomer  service  applications. 

In  the  past  employees  had  to 
toggle  between  four  or  five 
screens  to  find  all  the  customer 
data  they  needed,  Jena  says. 
Now  the  information  is  pre¬ 
sented  in  a  single  interface  that 
masks  the  complexity  of  the  sys¬ 
tems  integration. 

For  its  employee  portal,  OTN 
wrote  code  to  expose  data  from 
different  applications,  such  as  an 
Oracle  financial  application.  Next 
up,  OTN  plans  to  deploy  an  exter¬ 
nal-facing  portal  for  its  customers 
and  partners,  which  include  med¬ 
ical  practices,  pharmaceutical 
vendors  and  biotech  companies. 
For  that  project  Jena  hopes  to 
take  advantage  of  available  “part¬ 
nership-level  APIs”  from  BEA  and 
its  vendor  partners.  “We  expect 
this  to  help  us  avoid  writing  a 
whole  bunch  of  data  access  level 
code  that  we’re  doing  right  now,” 
Jena  says.  ■ 


BEA  pitches  integrated  business  bundles 


Framework  logic 

BEA  is  teaming  with  partners  to  pitch  technology  bundles 
—  called  “solution  frameworks”  —  aimed  at  easing 
integration  and  process  management  chores. 


Framework 

Target  application 

Customer 

Service 

Links  customer-related  data  from  disparate 
applications  and  packages  it  forWeb,  phone  and 
mobile  users. 

Employee 

Service 

Uses  workflow  and  integration  tools  to  automate  human 
resources  processes  such  as  adding  an  employee, 
administering  benefits,  and  performance  reviews. 

Service 

Delivery 

Helps  telecom  companies  speed  services  rollouts 
by  linking  development  tools  with  operations  support 
systems. 

Trade 

Processing 

Integrates  financial  services  trade  management 
applications  to  streamline  execution. 

Radio 

Frequency 

Identification 

Uses  event  integration  and  business  process 
automation  tools  for  supply-chain  processes  related 
to  RFID  wireless  inventory  tracking. 

With  IronPort  Virus  Outbreak  Filters 


Today’s  email  borne  viruses  propagate  globally  in  hours  or  minutes,  much 
faster  than  traditional  defenses  can  react,  leaving  you  exposed  to  the  “reaction 
time  gap’’  IronPort’s  Virus  Outbreak  Filters™  stop  viruses  up  to  8  hours  before 
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Virus  Outbreak  Rlters  are 


traditional  virus  definition  files  are  available,  literally  predicting  virus  attacks 
before  they  cause  harm.  Available  now  at  www.ironport.com/nw 


powered  by  a  series  of  proprietary 
algorithms  that  process  data  from 
SenderBase'"  the  world's  largest 
email  traffic  monitoring  network. 
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■  VOIP  ■  WIRELESS  NETWORKS 


Switch  vendors  crunch  Gbit  chips 


■  IBM  has  beefed  up  its  storage  vir¬ 
tualization  and  automation  software. 
At  Storage  Networking  World  last 
week,  the  company  unveiled  improve¬ 
ments  to  its  TotalStorage  Open 
Software.  This  software  suite 
includes  TotalStorage  SAN  File 
System  2.2,  SAN  Volume  Controller 
1.2,1,  Productivity  Center  2.1  and  Tivoli 
Storage  Manager  5.3.  The  SAN  File 
System  has  been  enhanced  to  allow 
for  information  life-cycle  management 
capabilities.  It  now  lets  IT  create  poli¬ 
cies  that  determine  the  movement  of 
data  from  one  storage  array  to  an¬ 
other.  It  also  lets  customers  create 
policies  that  govern  when  files  are 
deleted.  TotalStorage  SAN  Volume 
Controller,  IBM’s  virtualization  soft¬ 
ware,  now  can  cluster  as  many  as 
eight  nodes  and  handle  four  times  the 
number  of  virtual  disks  per  cluster.  It 
also  supports  attachments  to  HP 
Enterprise  Virtual  Arrays  and  IBM’s 
DS8000  and  DS6000.  The  SAN  Volume 
Controller  starts  at  $30,000.  The  SAN 
File  System  starts  at  $10,000  per 
processor  for  the  File  System's  Meta¬ 
data  Server  and  $5,000  per  processor 
for  application  servers  that  use  the 
file  system.  The  software  is  expected 
to  be  available  before  year-end. 

■  Cisco  last  week  launched  Version 

4.1  of  its  CallManager  IP  PBX  soft¬ 
ware,  broadening  support  for  VoIP 
encryption  to  Cisco  voice  gateways 
and  voice  mail  servers.  Enhanced 
Q.SIG  support  was  introduced  in 
CallManager  4.1.  Call  encryption  on 
Cisco  VoIP  gateways  can  let  users  in 
remote  offices  conduct  secure  IP 
phone  calls.  Encryption  on  Cisco 
Unity  voice  mail  can  be  used  to  help 
prevent  malicious  users  from  stealing 
voice  mail  files.  Expanded  O-SIG  sup¬ 
port  lets  a  Cisco  IP  PBX  communi¬ 
cate  with  a  legacy  PBX  via  the  Q.SIG 
protocol  —  a  standard  for  PBX  inter¬ 
operability.  Enactments  in  the  new 
Cisco  software  let  CallManagers  talk 
to  a  wider  array  of  PBXs  and  trans¬ 
late  more  features  between  the  plat¬ 
forms,  the  vendor  says.  Cisco  Call- 
Manager  4.1  is  free  for  CallManager 

4.1  licensees. 


■  BY  PHIL  HOCHMUTH 

Companies  such  as  Broadcom  and  Agere 
Systems  are  working  to  squeeze  more 
Gigabit  switch  port  controllers  onto  one 
chip.  For  switch  buyers,  this  could  result  in 
lower-cost,  feature-rich  gear  that  is  less 
prone  to  failure. 

It’s  a  job  with  contradictory  goals  for 
these  switch  component  makers,  which 
must  think  both  big  and  small  —  bigger  as 
in  bandwidth,  smaller  as  in  the  size  of  the 
components  they  make.  They  face  the 
same  challenge  as  makers  of  any  business 
or  consumer  computer  gadgets,  from 
blade  servers  to  laptops,  PDAs  or  cell 
phones  —  producing  smaller,  faster  and 
less  expensive  products.  But  the  biggest 
problem  is  heat  and  power  consumption. 

Along  this  line,  Broadcom  in  October 
released  a  low-power  Gigabit  Ethernet 
physical  layer  transceiver  chip  for  Gigabit 
Ethernet  switches,  blade  server  intercon¬ 
nects  or  server  network  interface  cards.The 
vendor  says  its  chipset  consumes  25%  less 
power  than  its  previous  Gigabit  Ethernet 
physical  layer  transceivers,  but  still  pro¬ 
vides  enough  signal  power  to  transmit 
Gigabit  Ethernet  over  “marginal”  copper 


■  BY  JOHN  COX 

Wireless  LAN  rivals  Airespace  and  Trap¬ 
eze  Networks  separately  have  announced 
switches  aimed  at  branch  offices  or  other 
small  locations. 

To  tailor  these  products  for  this  market, 
both  companies  have  simplified  business 
practices,  product  installation  and  configu¬ 
ration.  The  switches  are  designed  to  sup¬ 
port  a  handful  of  the  vendors’  companion 
wireless  access  points  and  to  link  over 
WANs  with  larger  central  switches  installed 
on  enterprise  networks. 

The  Airespace  3500  has  the  full  capabili¬ 
ties  found  in  the  vendor’s  larger  switches, 
says  Jeff  Aaron,  senior  manager  of  product 
marketing  for  Airespace.  These  include 
automatically  changing  channel  assign¬ 
ments  and  radio  power  levels,  load  balanc¬ 
ing,  location  services  and  full  network 
management  via  the  vendor’s  Airespace 
Control  System  application. 

For  the  new  switch,  Airespace  has  added 
QoS  features,  based  on  the  Wi-Fi  Multi¬ 


cabling  plants,  such  as  Category  5  or  older 
Category  5e  wiring. 

This  month,  chipmaker  Agere  will  launch 
a  48-port  Gigabit  Ethernet  switching  system 
that  fits  on  a  single  system-on-a-chip  prod¬ 
uct.  The  product  has  seven  sub-compo¬ 
nents  and  uses  less  than  half  the  number  of 
chips  as  competing  system-on-a-chip  ven¬ 
dors,  Agere  says.  The  vendor  also  says  its 
product  takes  up  30%  less  space  than  48- 
port  Gigabit  chips  that  are  currently  ship¬ 
ping.  This  can  help  switch  vendors  pack 
more  feature-based  ASCIs  and  network 
processors  into  a  system,  while  reducing 
the  complexity,  and  potential  for  failure,  of 
a  48-port  chip  system. 

Part  of  this  chip-crunching  exercise  is  the 
conversion  of  the  analog  physical  layer 
(PHY)  processing  components  of  a  switch 
connection  to  a  digital  process.This  lets  the 
PHY  component  be  built  into  the  other 
Layer  2/3  switching  pieces  of  the  product. 

“We’ve  moved  a  lot  of  complexity  in 
PHY  into  the  digital  domain,”  says  Ngazi 
Bell,  marketing  directory  at  Agere.  “You’re 
able  to  have  better  signal-to-noise  ratio 
because  bit-error  rate  management  hap¬ 
pens  digitally’ 

Bell  says  this  type  of  work  is  being  out- 


Media  (WMM)  specification,  which  is  a 
preliminary  version  of  the  draft  IEEE 

802.1  le  standard.  Using  WMM,  the  switch 
can  be  set  up  to  reserve  bandwidth  for 
delay-sensitive  traffic,  such  as  wireless  VoIP 
phone  calls, and  give  that  traffic  priority  on 
the  network.  Also  new  in  the  operating  sys¬ 
tem  software  is  support  for  IPv6. 

Up  to  three  Airespace  802.1  la/b/g  access 
points  can  be  connected  directly  to  the 
switch’s  four  10/100M  bit/sec  Ethernet 
ports,  with  one  port  reserved  for  the  net¬ 
work  connection.  Or  the  switch  can  man¬ 
age  up  to  six  of  these  access  points  that  are 


sourced  to  silicon  vendors,  as  switch  ven¬ 
dors  look  to  cut  costs  and  focus  on 
advanced  features, such  as  management  or 
security 

Switch  makers  “are  trying  to  add  value 
at  the  software  and  applications  layer 
where  they  can  differentiate  themselves,” 
Bell  says. 

He  says  these  smaller  systems  also  lead 
to  more  reliable  end  products.“Having  only 
seven  components  in  a  48-port  switch 
reduces  the  complexity,  heat  and  power 
consumption,”  which  makes  products  less 
prone  to  failure,  he  says. 

Agere  and  Broadcom  both  supply  Ether¬ 
net  semiconductors  to  3Com,  Cisco,  Ex¬ 
treme  Networks,  Foundry  Networks,  Nortel 
and  others. 

Switch  vendors  are  demanding  more 
ports  in  a  tighter  space,  and  this  is  driving 
new  technologies  from  component 
vendors. 

“Density  is  certainly  being  driven  up  by 
switch  vendors,  which  is  a  result  of 
demand  from  end  users,”  says  Zeus 
Kerravala,  an  analyst  with  The  Yankee 
Group.  “More  users  and  nodes  connected 
to  the  network  mean  more  [port]  density  is 

See  Chips,  page  20 


connected  to  an  intervening  Layer  2  or 
Layer  3  device. 

Security  features  include  support  for 
802. lx  authentication  and  802.1  li-encryp- 
tion  and  key  management. 

Pricing  starts  at  $2,000,  and  the  3500  will 
be  available  this  month. 

Meanwhile, Trapeze  recently  unveiled  the 
MXR-2  WLAN  switch,  with  a  list  price  of  just 
under  $l,000.The  MXR-2  can  support  up  to 
three  Trapeze  access  points,  called  Mobility 
Points.  The  access  points  attach  to  a  local 
Ethernet  switch  or  WAN  gateway,  and  so 

See  WLAN,  page  20 


WLAN  vendors  target  branch  offices 


The  $1,000  Trapeze 
MXR-2  WLAN  switch 
supports  a  variety 
of  WLAN  security 
specs,  including 
RADIUS,  802.1 1i  and 
802.1x. 
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does  the  MXR-2.  There  are  two  10/100 
Ethernet  ports,  one  of  which  supports 
Power  over  Ethernet,  so  the  access  points 
can  draw  electricity  from  the  switch. 

Trapeze  created  a  delivery  process  that 
ships  the  new  switch  directly  to  a  cus¬ 
tomer’s  branch  or  remote  offices,  which 
could  number  in  the  hundreds  or  even 
thousands.  There,  the  MXR-2  can  be 
removed  from  its  packaging  and  plugged 
into  the  nearest  outlet  and  into  the 
office’s  WAN  connection,  such  as  DSL,T-1 
or  a  cable  modem.  The  MXR-2  switch 
uses  a  discovery  protocol  over  the  WAN 
to  connect  to  a  Trapeze  switch  at  a  head¬ 
quarters  site. 

From  there,  the  MXR-2  can  download  its 
configuration  and  security  settings,  and 
then  set  up  its  local  access  points.  For 
example,  a  network  administrator  in  head¬ 
quarters  can  determine  who  is  allowed  to 
use  the  branch  office  WLAN  and  what 
authentication  policies  will  be  used. 

Once  the  MXR-2  is  configured  it  can  sup¬ 
port  local  WLAN  users. 

As  with  the  Airespace  device,  it  supports 
an  alphabet  soup  of  common  WLAN  secu¬ 
rity  standards,  such  as  Transport  Layer 
Security,  RADIUS  authentication,  802.1  li 
and  802.  IX. 

The  MXR-2  will  be  available  by  year-end. 

Other  WLAN  switch  vendors  are  attack¬ 
ing  the  same  market.  Aruba  Wireless 
Networks  sells  the  Aruba  800,  priced  at  just 
under  $3,000,  and  Symbol  Technologies 
has  the  WS  2000  switch,  priced  at  about 
$1,000.  ■ 


required.” 

In  addition  to  high  port  density,  ad¬ 
vances  in  LAN  switch  components  are  let¬ 
ting  these  tightly  packed  ports  support 
new  features  and  perform  advanced  tasks. 

“Most  switches  are  line-rate  now,  without 
oversubscribing  any  ports,”  Kerravala  says. 
“And  almost  everybody  has  the  capability 
now  to  do  routing  on  the  blade,  instead  of 
sending  traffic  back  to  a  central  processor 
blade  on  the  switch  for  router  table 
look-ups.” 

Tighter  engineering  of  Gigabit  compo¬ 
nents  is  the  main  driver  for  lowering  the 
price  of  LAN  switch  gear.  Since  1999,  the 
average  price  of  a  Gigabit  Ethernet  port 
has  dropped  from  about  $900  to  around 
$200,  according  to  Dell’Oro  Group. 

Lower  prices  are  sparking  high  demand 
for  Gigabit  switch  products,  which  is  help¬ 
ing  drive  the  market  for  Ethernet  silicon. 
According  to  1DC,  the  market  for  LAN 


Dell  will  install  Novell’s  SuSE  Linux  oper¬ 
ating  system  on  Dell  PowerEdge  servers  as 
part  of  a  worldwide  agreement,  the  com¬ 
panies  announced  last  week. 

Novell’s  SuSE  Linux  Enterprise  Server  9 
will  be  available  on  PowerEdge  1850,2800 
and  2850  servers  for  an  annual  subscrip¬ 
tion  per  single-CPU  server  for  $192 


switch  chips  grew  from  $1.8  billion  in 
2002  to  more  than  $2  billion  last  year. 
Broadcom,  Intel,  Marvell,  Agere  and  LSI 
Logic  led  the  market. 

Analysts  say  network  switch  vendors  will 
continue  to  rely  on  network  silicon  mak¬ 
ers  to  squeeze  cost  out  of  making 
LAN  gear. 

“Cisco  set  the  bar  for  the  rest  of  the 
industry”  by  pushing  high  growth  and 
profit  margins  in  the  70%  range  for  LAN 
gear,  Kerravala  says.  “This  forces  all  ven¬ 
dors  to  play  catch-up  and  reduce  costs.” 

“It’s  all  about  cost  reduction  through 
chip  reduction,”  says  Sean  Lavey,  an  ana¬ 
lyst  with  IDC.“As  [switch  makers]  rely  on 
vendors  in  Taiwan  to  build  cheaper 
boxes, this  drives  chip  vendors  to  create 
products  that  are  more  integrated  and 
can  be  reused  across  multiple  product 
lines.” 

Switch  makers  now  will  use  a  few  chip 
vendors  and  spread  those  silicon  compo¬ 
nents  out  across  multiple  product  lines, 
Lavey  says.  ■ 
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Switch  chip  crunchtime 

Makers  of  components  and 
chips  for  LAN  switches  are 
moving  in  these  directions: 


Faster; 


More  and  more  switch  components 
now  include  10/100/1000M  bit/sec 
Ethernet  technology,  anticipating  the 
move  to  desktop  Gigabit  Ethernet. 


i  Denser: 


Chip  makers  are  crunching  multiple 
switch  interfaces  down  to  one,  with 
as  many  as  48  Gigabit  Ethernet  ports 
on  a  single  piece  of  silicon. 


Cooler; 


To  combat  heat  build-up  in  compact 
systems,  component  makers  are  using 
optical  connectors  inside  components, 
which  run  cooler  and  draw  less  power 
than  copper  circuitry. 


Dell  to  pre-install  SuSE  Linux  on  servers 


BY  LAURA  ROHDE 


or  $202. 

For  its  part,  Dell  already  pre-installed* 
market-leader  Red  Flat  Linux  from  Red  ■ 
Hat.  Although  Dell  offered  SuSE  Linux,  it 
only  did  so  as  a  customized  system  option 
for  which  customers  paid  extra. 

Dell  and  Novell  began  working  together 
last  year,  and  the  two  companies  an¬ 
nounced  a  bundling  deal  last  summer. 

“It’s  pragmatic  for  Dell  because  Novell 


has  a  strong  existing  customer  base,  and 
they  are  now  basically  offering  customers 
a  choice  of  the  two  distributions,”  says  Neil 
Macehiter,  a  research  director  at  Ovum. 

Novell  gained  the  SuSE  Linux  kernel 
with  its  January  acquisition  of  German 
company  SuSE  Linux. 

Rohde  is  a  correspondent  with  the  IDG 
News  Service. 
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Racketeer  software 
fights  network  congestion 


■  BY  TIM  GREENE 

Packeteer  is  issuing  software  for  its  traffic¬ 
shaping  gear  that  makes  it  easier  for  cus¬ 
tomers  to  resolve  network  problems. 

Part  of  the  company’s  Packeteer  7.0  soft¬ 
ware  for  its  PacketShaper  appliances,  the 
Adaptive  Response  feature  can  be  config¬ 
ured  to  resolve  problems  automatically  So 
if  a  particular  host  shows  bandwidth  use 
that  spikes  beyond  a  set  threshold,  the 
device  can  drop  traffic  from  that  host  or 
limit  the  bandwidth  available  to  it  until 
someone  can  check  whether  the  spike  is 
warranted.  The  device  also  captures  pack¬ 
ets  when  the  threshold  is  broken,  analyzes 
the  traffic  and  generates  incident  reports. 

Packeteer  has  developed  11  software 
tools  called  template  agents  that  automate 
responses  to  particular  incidents.  For  in¬ 
stance,  the  Suspicious  New  Application 
template  looks  for  applications  that  haven’t 
run  on  the  network  before  and  that  exceed 
bandwidth  limits.  The  templates  guide 
administrators  to  set  up  parameters  for 
responding  to  the  incidents. 

Templates  can  help  manage  traffic,  cre¬ 
ating  lower  WAN  bills.  A  customer  that 
buys  a  WAN  service  with  three  different 
service-quality  levels  might  find  that  most 
of  the  time  the  lower  quality  less-expen¬ 
sive  services  are  good  enough  for  an 
application.  They  then  can  set  the 


Packeteer  PacketShaper  appliances  now  can 
help  users  better  control  application  traffic. 


PacketShaper  to  designate  the  less-expen¬ 
sive  QoS  for  that  application.  If  the  pro¬ 
vider’s  QoS  dips  below  a  predefined  level, 
PacketShaper  can  retag  that  application’s 
packets  to  be  treated  to  a  higher,  more- 
expensive  QoS  level  until  the  lower-priced 
service  bounces  back. 

The  company  competes  against  Allot, 
Expand  Networks  and  Peribit  Networks, 
which  each  offer  a  mix  of  software  and 
analysis  tools,  says  Jerald  Murphy  senior 
vice  president  of  technical  research  ser¬ 
vices  for  Meta  Group,  making  comparisons 
difficult. 

The  new  software  zeroes  in  on  network 
bandwidth  use  by  user.  Previously  it  could 
report  on  how  much  bandwidth  an  appli¬ 
cation  in  aggregate  was  using,  but  not 
which  users  were  responsible.  So  the  soft¬ 
ware  now  can  sort  traffic  going  through 
firewall  Port  80, which  handles  HTTP  traffic, 
but  also  could  be  used  for  screening  peer- 
to-peer  traffic  or  streaming  media,  for 
instance.  ■ 


WIRED 

WINDOWS 

Dave 

Kearns 


A  few  months  ago,  when  the  buzz  was 
all  about  the  “new  and  improved” 
search  engine  Microsoft  was  intro¬ 
ducing,!  found  it  lacking.  While  many  pun¬ 
dits  were  gushing  over  this  challenge  to 
Google.I  found  it  to  be  merely  a  pale  imita¬ 
tion  —  one  that  trailed  in  the  all-important 
area  of  results. 

Now  Google  has  released  a  desktop 
search  application  for  Windows  that  some 
tout  as  the  beginning  of  the  end  for  Red¬ 
mond’s  evil  empire.  It  is  a  good  search 
engine,  but  that’s  to  be  expected.  But  as  an 
“application”  it’s  merely  a  pale  imitation  of 
those  coming  out  of  Microsoft,  trailing 
badly  in  user  friendliness  and  scope. 

You’ll  see  this  problem  as  soon  as  you  try 
to  install  the  product.  A  message  box  pop¬ 
ped  up  telling  me  I  couldn’t  install  be¬ 
cause  there  wasn’t  a  gigabyte  of  free  space 
on  my  C:  drive. The  fact  that  two  other  dri¬ 
ves  had  more  than  100  gig  available 
seemed  beyond  the  scope  of  the  installa¬ 
tion  program.  It’s  been  years  since  an  appli¬ 
cation  didn’t  offer  me  the  opportunity  to 
install  it  wherever  1  wanted  to.  And  this 
application  doesn’t  belong  on  your  C: 
drive.  Because  you  probably  already  have 
registry  files  and  swap  files  there,  anything 
that  could  fill  the  volume  should  be  rele- 


Google's  desktop 
search  engine 
falls  short 


gated  to  another  partition  before  disaster 
happens.  Google’s  indexes  will  start  big 
and  grow  bigger  with  every  document  you 
read. 

The  application  saves  its  own  copy  of 
everything  indexed  —  Word  documents, 
e-mails,  and  even  instant  messages.  That’s 
the  second  problem. This  will  index  every¬ 
thing  you  view  including  spam,  Web  pages 
you  land  on  accidentally, every  IM  —  all  the 
ephemera  of  our  daily  existence.  But  not 
Adobe  Acrobat  files.  PDFs  are  beyond  the 
range  of  this  desktop  engine.  Without  the 
ability  to  index  all  text  files  and  interact¬ 
ively  keep  and  remove  files  from  the  index, 
this  app  is  a  no-brainer  but  it’s  the  brain 
that  designed  it  that  I’m  talking  about. 


Kearns,  a  former  network  administrator,  is 
a  freelance  writer  and  consultant  in  Silicon 
Valley.  He  can  be  reached  at  wired@vquill. 
com. 
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When  business  losses  are  measured  in  seconds, 
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In  fact,  when  we  manage  Proventia  for  you,  we'll  even  guarantee  protection.  Need  proof?  Get  your  free  whitepaper, 
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"We  have  3,000  servers  at  customer  sites  worldwide. 
My  team  of  four  manages,  monitors,  makes  changes, 
and  does  upgrades  without  leaving  our  desks." 
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Make  a  name  for  yourseif  with  Windows  Server  System. 

Microsoft  Windows  Server  System  makes  Reuters 
infrastructure  easier  to  manage.  Here's  how:  In 
the  past,  updating  Reuters  servers  deployed  at 
customer  sites  required  dispatching  a  Reuters 
technician  to  the  customer  site.  But  now,  using 
Windows  Server  2003,  Reuters  can  manage 
everything  remotely,  allowing  them  to  invest 
their  resources  in  new  products  and  added 
services.  It's  software  that  helps  you  do  more  with 
less.  Get  the  full  Reuters  story  and  a  hands-on 
management  tool  at  microsoft.com/wssystem 


Windows  Server  System"  includes  these  products: 


Server  OS 

Windows  Server" 

Operations  Infrastructure 

Systems  Management  Server 

Application  Center 

Operations  Manager 

Internet  Security  &  Acceleration  Server 

Windows*  Storage  Server 

Application  Infrastructure 

SQL  Server" 
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“Check  Point  Express  brings 
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Secure  your  business  with  Check  Point  Express. 

Your  business  deserves  the  best  security  solution  available  today:  Check  Point  ExpressT  Designed  for  companies  with 
100-500  employees,  Check  Point  Express  protects  your  business  with  the  same  superior  firewall  and  VPN 
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you’ll  get  performance  you  can  always  rely  on,  and  security  you  don’t  have  to  worry  about.  Its  unique  features  include 
intelligent  network  and  application-level  protection.  And  its  intuitive  interface  simplifies  every  aspect  of  security 
management.  There  is  no  better  way  to  secure  your  critical  network  resources  and  connect  remote  users  and  sites. 
See  for  yourself.  Compare  Check  Point  Express  to  competing  offerings  at  www.checkpoint.com/compareexpress. 
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and  runs  on  open  servers  from  Dell,  IBM,  and  other  leading  manufacturers. 
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■  PORTALS  ■  MESSAGING/GROUPWARE 

■  E-COMMERCE  ■  SECURITY 

■  MIDDLEWARE  ■  DIRECTORIES 

■  NETWORK  AND  SYSTEMS  MANAGEMENT 

■  WEB  SERVICES 


■  Yahoo  and  Adobe  have  entered  an 
alliance  aimed  at  improving  Yahoo’s 
Internet  search  tool  while  possibly 
turning  more  content  into  PDFs.  The 
companies  last  week  launched  a  co¬ 
branded  toolbar  featuring  Yahoo’s 
search,  pop-up  ad  blocker  and 
AntiSpy  products  alongside  a  Web- 
based  service  from  Adobe  that  lets 
users  create  and  access  PDF  files 
online.  Adobe  will  alert  Acrobat 
Reader  users  that  the  toolbar  is  avail¬ 
able  for  download  when  it  issues  its 
next  minor  update  in  about  a  week, 
the  company  said.  The  companies 
plan  to  add  features  that  would  let 
users  convert  Web-based  content  into 
Adobe  PDF  files. 

■  IBM  last  week  introduced  a  secur¬ 
ity  service  that  offers  a  concise, 
monthly  global-network  threat  report 
designed  to  help  organizations  assess 
security  needs  and  vulnerabilities. 

The  IBM  Global  Business  Security 
Index  compiles  threat  information 
from  some  2,700  IBM  security  profes¬ 
sionals  and  half  a  million  monitored 
devices,  the  company  said.  IBM  secu¬ 
rity  intelligence  and  consulting  ex¬ 
perts  then  analyze  the  data  to  rate 
the  potential  severity  of  IT  threats. 
IBM  is  selling  the  report  to  businesses 
as  a  new  IBM  Security  Intelligence 
Services  offering.  The  report  can  be 
customized  by  industry  and  starts  at 
a  base  price  of  about  $10,000  to 
$15,000  per  year.  A  portion  of  the 
report  will  be  available  every  month 
for  free  on  the  company’s  Web  site, 
IBM  said. 

■  Windows  tools  vendor  Winternals 
announced  last  week  software  that 
recovers  operating  systems  and  appli¬ 
cations  from  Windows  servers,  work¬ 
stations  and  laptops.  Recovery 
Manager  2.0  also  can  be  used  when 
deploying  Windows  security  patches 
in  that  it  can  return  a  system  to  a 
known  good  state  if  the  patch  causes 
the  system  to  malfunction.  New  fea¬ 
tures  in  include  the  ability  to  recover 
program  files,  registry  settings  and 
user  data.  Recovery  Manager  2.0 
costs  $400  per  server. 


Exchange  road  map  overdue 

Users  look  to  Microsoft  for  future  direction  of  messaging  platform. 


■  BY  JORIS  EVERS 

After  Microsoft  removed  the  2006 
Kodiak  release  of  Exchange  Server  from 
its  product  road  map  earlier  this  year,  its 
plans  for  the  messaging  software  have  got¬ 
ten  even  cloudier,  making  it  more  difficult 
for  users  to  make  future  plans  for  the  mes¬ 
saging  package. 

In  May  the  company  said  it  would  deliver 
in  2005  an  addition  to  Exchange  called 
Edge  Services, an  intelligent  message  trans¬ 
fer  agent  for  the  edge  of  a  company’s  net¬ 
work  that  offers  security  spam  and  virus 
protection.  The  software  maker  now  is 
backpedaling  on  that  commitment,  which 
was  the  only  announced  release  for 
Exchange  beyond  2004. 

“We  remain  very  committed  to  Edge 
Services,” says  Kim  Akers,  a  senior  director 
in  Microsoft’s  Exchange  Server  group.  But 
when  asked  to  confirm  the  stated  ship  tar¬ 
get  of  2005,  she  said  “it  is  premature  to  talk 
about  timing.” 

With  no  product  road  map,  it  is  difficult 
for  customers  to  make  licensing  decisions 


and  plan  upgrades,  analysts  say  “Microsoft 
owes  it  to  its  customers  to  specify  and 
deliver  more  or  less  on  time  the  products 
and  updates  they  say  are  coming,”  says 
Peter  Pawlak,  an  analyst  with  Directions  on 
Microsoft,  an  independent  research  firm. 

The  onus  to  provide  a  road  map  is  on 
Microsoft,  Pawlak  says,  because  the  com¬ 
pany  sells  customers  multi-year  licensing 
contracts  that  includes  Software  As¬ 
surances  maintenance  program  that  also 
covers  software  updates. 

While  Microsoft  is  making  it  difficult  for 
corporations  to  anticipate  what  is  coming 
down  the  product  pipeline,  the  company 
is  delivering  incremental  updates  to 
Exchange,  says  Teney  Takahashi,  a  market 
analyst  at  The  Radicati  Group. 

“I  think  Microsoft  is  focused  on  making 
these  small  improvements,”  he  says.  “In  a 
perfect  world,  all  of  that  road  map  infor¬ 
mation  would  be  available.  Microsoft  is 
taking  its  time  to  develop  these  products 
right.  I  think  that  is  more  important  than 
offering  a  road  map  for  five  years, 
although  1  can  understand  if  corpora- 


Exchange 

change  The  use  of  the  newest 
releases  of  Microsoft’s 
Exchange  messaging 
system  is  expected  to 
grow. 


Users  (in  millions) 


1 1.4  million 


Forecast  by 
the  end  of 
2005 


47,8  million 
49.4  million 


■  Exchange  5.5  users 
M  Exchange  2000  users 
■I  Exchange  2003  users 

SOURCErTHE  RADICATI  GROUP 


tions  are  getting  frustrated.” 

Recently,  Microsoft  released  the  Ex¬ 
change  Best  Practices  Analyzer,  a  tool  to 
help  users  fix  configuration  problems.  In 

See  Exchange,  page  28 


New  software  checks  configurations 


■  BY  ELLEN  MESSMER 

St.  Bernard  Software  this  week  will 
unveil  SecurityExpert,  a  scanning  tool  that 
will  let  customers  check  Windows  2000, 
XP  Internet  Explorer  and  Microsoft  Inter¬ 
net  Information  Server  to  make  sure  the 
desktop  and  server  software  is  properly 
configured. 

If  SecurityExpert  determines  that  user  or 
administrative  rights,  in  addition  to  reg¬ 
istry  settings,  are  not  securely  configured, 
it  offers  network  managers  several  recom¬ 
mendations  for  making  changes. 

“If  not  set  properly  configuration  settings 
present  tremendous  vulnerability  that  can 
be  taken  advantage  of  by  the  outside,”  says 
St.  Bernard’s  CEO  John  Jones.  Security- 
Expert  is  being  sold  as  an  option  with  St. 
Bernard’s  UpdateExpert,  Windows-based 
software  for  applying  patch  management 
and  updates  to  Windows  and  Macintosh 
machines. 

Jones  says  St.  Bernard  expects  cus¬ 
tomers  will  want  to  couple  both  proce¬ 
dures,  patch  management  and  systems- 


Security  blanket 

The  first  release  of 
St.  Bernard’s  SecurityExpert 
will  have  about 

17,000 

expert  recommendations 
for  more  than  7,000 
system  security  settings. 


setting  management,  through  a  console- 
based  tool. 

SecurityExpert  systems  configuration  is 
based  on  recommendations  from  several 
sources,  including  Microsoft,  the  two 
security  groups  Center  for  Internet  Sec¬ 
urity  and  SANS,  the  government-backed 
CERT,  and  U.S.  and  Canadian  security 
agencies. 

In  instances  where  all  these  sources  don’t 


agree  on  security  settings,  SecurityExpert 
will  highlight  the  different  recommenda¬ 
tions  after  running  a  network  query  of 
Windows-based  computers.  SecurityExpert 
will  indicate  which  choices  various 
sources  prefer. 

If  the  customer  decides  to  stay  with  the 
recommendations  made  by  the  National 
Institute  for  Standards  and  Technology  or 
National  Security  Agency,  for  example,  the 
choice  for  NIST  or  NSA  is  made  and  the 
configuration  settings  are  pushed  out  to 
the  computer. 

The  first  release  of  SecurityExpert,  which 
ships  this  week,  will  have  about  17,000 
expert  recommendations  for  more  than 
7,000  system  security  settings.  The  tool 
provides  a  way  to  audit,  enforce  and  re¬ 
port  on  the  machines  based  on  assigned 
policies. 

SecurityExpert  competes  against  many 
configuration  tools  on  the  market,  includ¬ 
ing  those  from  Configuresoft  and 
Microsoft. 

SecurityExpert  costs  $1,680  for  50 
machines,  which  includes  UpdateExpert.  B 


WHEN  YOU  STEPPED  AWAY 
FROM  YOUR  DESK,  A  WORM  WAS 
DETECTED,  QUARANTINED  AND 
ELIMINATED  BEFORE  ANYONE 
NOTICED  YOU  WERE  GONE. 
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Imagine  a  network  solution  so  advanced,  so  secure,  so  ingeniously  proactive, 

you  may  never  have  to  worry  about  an  outbreak  again. 
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This  column  will  be  published  the  day 
before  the  U.S.  presidential  election.  I 
hope  all  of  you  who  have  registered 
to  vote  will  do  so,  and  1  hope  that  the  pre¬ 
dictions  of  a  multi-month  period  of  con¬ 
fusion  before  the  winner  is  known  prove 
to  be  overly  pessimistic.  1  also  hope  the 
worries  about  chaos,  or  worse,  fraud  with 
electronic  voting  machines  prove  to  be 
overly  pessimistic.  But  even  if  the  latter  is 
the  case  this  time,  it’s  only  a  matter  of  time 
before  a  crisis  erupts  in  this  area  unless 
some  basic  changes  are  made. 

Things  have  not  gotten  much  better 
since  I  last  wrote  about  this  topic  (see 
www.nwfusion.com,  DocFinder:  4426).  In 
fact,  things  such  as  the  Pentagon’s  ill-fated 
vote-by-Internet  project  and  the  testimony 


Misapplied  faith 

by  state  election  officials  in  California  and 
Florida  show  how  hard  it  is  to  get  officials 
to  acknowledge  that  there  are  any  possi¬ 
ble  problems  here.  Too  many  officials 
seem  to  be  far  more  interested  in  simplic¬ 
ity  than  in  accuracy  or  security.  Many  also 
seem  to  be  interested  in  covering  their 
tails  after  believing  the  marketing  hype 
and  buying  millions  of  dollars’  worth  of 
voting  machine  products  that  many 
observers  now  are  questioning. 

Someday  I  expect  a  way  will  be  figured 
out  to  support  secure  and  reliable  Inter¬ 
net  voting  that  will,  at  the  same  time,  pre¬ 
serve  the  secrecy  of  the  vote.  But  I  expect 
that  will  take  quite  a  bit  of  time  to  work 
out  and  even  longer  to  convince  people 
that  it  meets  the  criteria.  Until  then  those 
of  us  who  vote  (not  enough  do,  by  the 
way)  will  have  to  go  to  a  polling  place  or 
get  an  absentee  ballot.  When  doing  so,  too 
many  of  us  will  be  confronted  by  repack¬ 
aged  PCs  masquerading  as  voting 
machines. 


www.nwfusion.com 


Since  June,  The  New  York  Times  has  run 
a  series  of  editorials  about  voting  in  the 
U.S.  (DocFinder:4427).The  editorials,  19  to 
the  date  of  this  writing,  have  covered  the 
gambit  of  voting-related  issues  —  includ¬ 
ing  some  disturbing  reasons  why  some 
election  officials  might  be  so  willing  to 
defend  electronic  voting  or  voting  mac¬ 
hines  (DocFinder:  4429).  Demonstrating 
the  importance  of  the  issue,  eight  of  the 
editorials  concern  electronic  voting  or 
voting  machines.  The  latest  editorial  pro¬ 
vides  a  road  map  of  what  Congress  should 
do  to  “give  us  the  democracy  we  deserve” 
(DocFinder:4429). 

Most  of  the  specific  suggestions  deal 
with  voting  process  rules,  but  the  last  one 
calls  for  securing  electronic  voting: 
“Mandatory  safeguards,  including  a  paper 
trail,  for  electronic  voting.  Election  offi¬ 
cials  like  to  say  that  electronic  voting  is  as 
secure  as  it  can  be,  but  that  is  false. 
Nevada  regulators,  for  example,  impose 
far  more  stringent  checks  on  slot 


machines  than  any  state  does  on  elec¬ 
tronic  voting.  Congress  should  impose 
much  more  rigorous  safeguards,  including 
a  requirement  that  all  computer  code  be 
made  public.  It  should  require  that  all 
electronic  machines  produce  a  voter-veri¬ 
fied  paper  trail.” 

I  hope  that  Congress  pays  attention  to 
these  recommendations.  Maybe  four 
years  from  now,  we  will  be  able  to  go  to 
the  polls  and  not  have  to  rely  on  the 
same  kind  of  faith  in  trusting  the 
machine  we  vote  on  as  we  have  to  in 
trusting  the  people  we  vote  for  on  the 
machine. 

Disclaimer:  I  expect  that  Harvard’s 
school  for  studying  faith  (the  divinity 
school)  does  not  deal  with  faith  in  com¬ 
puters,  but  I  did  not  ask,  and  the  above  is 
my  own  view. 

Bradner  is  a  consultant  with  Harvard 
University's  University  Information  Sys¬ 
tems.  He  can  be  reached  at  sob@sob.com. 


CipherTrust  takes  ‘control'  of  spam 

Updated  ironMail  appliance  rejects  spammers’  connection  requests. 


■  BY  CARA  GARRETSON 

E-mail  security  vendor  Cipher- 
Trust  is  adding  a  new  feature  to 
its  IronMail  gateway  appliance 
designed  to  boost  the  product’s 
performance  by  identifying  and 
rejecting  incoming  spams  with¬ 
out  having  to  process  them 
through  anti-spam  filters. 

Called  Connection  Control,  this 
feature  is  implemented  as  a  free 
software  download.  It  takes  his¬ 
torical  information  an  IronMail 
appliance  collects  regarding  an 
IP  address’  propensity  to  send 
out  unwanted  messages  and 
rejects  connection  requests  from 
those  known  spam  sources,  says 
Matt  Anthony,  director  of  product 
marketing  with  CipherTrust. 


The  feature  relies  on  IronMail’s 
Spam  Profiler  software,  a  collec¬ 
tion  of  anti-spam  filters  and  tech¬ 
niques,  to  pinpoint  IP  addresses 
that  have  been  known  to  send 
out  spam  in  the  past.  It  then 
cross-checks  that  information 
against  CipherTrust’s  Trusted- 
Source  reputation  service  that 
identifies  sources  of  wanted 
e-mail.  As  a  result,  IronMail  can 
detect  which  IP  addresses  are 
sending  an  organization  spam 
and  automatically  reject  connec¬ 
tion  requests  from  those  address¬ 
es,  Anthony  says.  IronMail  admin¬ 
istrators  can  chose  for  how  long 
messages  are  rejected  from  IP 
addresses  that  have  been  flagged 
as  spam  sources. 

Connection  Control  “is  the  first 


stop.  Once  we’ve  identified  these 
senders,  we  don’t  need  to  look  at 
their  e-mail  to  determine  it’s  bad 
stuff,”  he  says.  By  automatically 


rejecting  connection  requests 
from  known  spam  sources,  Iron- 
Mail  becomes  more  efficient 
because  it  has  less  e-mail  to 


scan,  the  company  says. 

One  e-mail  administrator  who 
began  testing  the  Connection 
Control  feature  last  month  has 


seen  a  drop  in  the  amount 
of  mail  the  appliance  must 
process. 

“Without  some  way  to  stop  the 


[unwanted]  mail  from  even 
coming  in  to  the  appliance,  we 
would  end  up  having  so  many 
appliances  that  it  wouldn’t  be 
cost-effective,”  says  Franklin  War- 
lick,  messaging  systems  adminis¬ 
trator  at  Cox  Communications 
in  Atlanta,  which  uses  six 
IronMail  appliances  to  manage 
the  60,000  in-boxes  on  its  corpo¬ 
rate  network. 

Warlick  says  he  also  likes  that 
Connection  Control  sends  an 
SMTP  message  back  to  the  sen¬ 
der  telling  them  their  e-mail  has 
been  rejected,  which  requires 
some  bandwidth  to  receive,  he 
says.  “There’s  a  little  bit  of  pay¬ 
back”  to  the  spammers,  Warlick 
says. 

There  is  still  the  possibility  that 
Connection  Control  could  reject 
a  wanted  message  by  mistake, 
Anthony  acknowledges,  but  it’s 
highly  unlikely  given  the  unusual 
sending  patterns  of  spammers, 
such  as  sending  high  volumes  of 
mail  in  a  short  period  of  time, 
that  make  them  easy  to  identify 
And  wanted  e-mails  are  often  re¬ 
sent,  while  spammers  don’t  tend 
to  resend  messages  that  are 
rejected  in  such  a  manner, 
he  adds. 

Connection  Control  is  available 
from  CipherTrust  this  week.  The 
company’s  IronMail  appliance 
competes  with  offerings  from 
IronPort,  Proofpoint  and  other 
gateway  appliance  makers.  ■ 


Exchange 

continued  from  page  25 

May  Microsoft  introduced  a  spam  filter  for 
Exchange  Server  2003  called  Intelligent  Mes¬ 
sage  Filter,  and  earlier  this  year  the  vendor 
released  the  first  Service  Pack  for  Exchange 
Server  2003. 

Philip  Colmer,  IT  manager  at  ProQuest 
Information  and  Learning  in  Cambridge, 
England,  is  happy  with  the  Exchange  Server 
2003  system  he  upgraded  to  at  the  beginning 
of  tire  year.  Colmer  says  he  is  not  looking  for 
another  upgrade  anytime  soon. 

"i  am  not  too  bothered  at  this  point  in  time 
that  Microsoft  has  not  made  any  announce¬ 


ments  about  a  new  product,”  he  says.“Never- 
theless,  customers  traditionally  do  expect 
road  maps  from  Microsoft.” 

A  year  after  releasing  Exchange  Server 
2003,  Microsoft  heralded  the  success  of  the 
product  last  week  at  an  Exchange  users 
event  in  Orlando.  However,  attendees  didn’t 
hear  much  about  the  future  of  Exchange 
because  Microsoft  is  not  ready  to  publicly 
discuss  the  Exchange  road  map,  including 
plans  for  a  new  version,  Akers  says. 

At  the  Exchange  Connections  event  the 
company  announced  it  sold  55%  more 
licenses  of  Exchange  Server  2003  in  the  first 
year  after  its  release  than  it  did  with  prede¬ 
cessor  Exchange  2000  Server.The  vendor  also 
has  had  more  than  1 75,000  requests  for  eval¬ 


uations  of  the  product,  and  more  than  31,000 
people  have  participated  in  Microsoft’s 
Exchange  Server  2003  classes. 

Still,  Microsoft  faces  a  challenge  in  getting 
customers  to  upgrade.  The  Radicati  Group 
expects  the  number  of  Exchange  Server  2003 
seats  won’t  exceed  the  number  of  Exchange 
5.5  or  Exchange  2000  seats  until  the  end  of 
2005,Takahashi  says. 

Evers  is  a  correspondent  with  the  IDG  News 
Service. 
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Without  some  way  to  stop  the  [unwanted] 
mail  from  even  coming  in  to  the  appliance, 
we  would  end  up  having  so  many  appliances 
that  it  wouldn’t  be  cost-effective. 

Franklin  Warlick 

Messaging  systems  administrator,  Cox  Communications 


Can  your  network 
eliminate  security  threats? 


TOTAL  SECURITY.  Can  your  network  detect,  isolate  and  eliminate  security  threats  before  they 
become  security  breaches?  Whether  intruders  come  from  across  the  world  or  across  the  hall, 
AT&T’s  proactive  networking  solutions  can  identify  and  neutralize  threats  long  before  they  have 
a  chance  to  damage  your  data,  your  systems,  or  your  business.  CAN  YOUR  NETWORK  DO  THIS? 
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For  a  network  that  can,  call  1-888-889-0234 
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enterasys 

Networks  that  Know 


These  days,  no  network  is  free  of  threats.  That’s  why  you  have  to  assign  network  security  privileges  to  everyone.  Employees,  customers, 
and  partners.  You  need  to  set  an  acceptable  use  policy  that  dictates  what  each  of  them  can  and  can’t  access.  Until  now,  you  had  to  do 
this  manually. 

Not  anymore.  Now  you  can  do  what  Baylor  University  did.  Implement  an  Enterasys  Secure  Networks™  solution  with  a  unique,  policy- 
based  system  that  empowers  the  network  to  allocate  resources  based  on  specific  users  and  their  roles.  The  network  “sees”  who  the  user 
is  and  assigns  privileges  accordingly.  This  unproved  control  also  gives  you  more  security. 

It's  all  about  giving  you  a  smarter  way  to  network  with  central,  intuitive  management.  Find  out  more  at  networksthatknow.com/Baylor. 
Or  ad<  any  one  of  the  many  enterprise  customers  we’ve  worked  with  for  years. 
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GXS  to  inherit  IBM’s  EDI  business 


■  BY  ANN  BEDNARZ 

Global  eXchange  Services  stands  to 
become  the  largest  player  in  an  industry 
some  predicted  would  continue  to  falter 
and  eventually  die  out  altogether.  Instead, 
today’s  value-added  network  service 
providers  are  mulling  a  comeback  as 
increasingly  complex  business  integration 
efforts  have  companies  looking  to  outside 
providers  for  help. 

Technology  investment  company  Fran¬ 
cisco  Partners  —  which  is  the  majority 
owner  of  GXS  —  recently  announced 
plans  to  buy  IBM’s  Electronic  Data 
Interchange  (EDI)  and  Business  Exchange 
Services  units  for  an  undisclosed  sum. 

The  two  lines  of  business  serve  compa¬ 
nies  that  need  to  exchange  documents 
electronically  with  customers,  suppliers 
and  business  partners.  IBM’s  EDI  business 
includes  its  traditional  EDI  VAN  contracts, 
while  its  Business  Exchange  Services  unit 
includes  more  modern,  Internet-based  EDI 
services  that  let  users  send  and  receive  EDI 
data  via  the  Web. 

EDI  VANs  “have  been  much  more  resis¬ 
tant  than  almost  anybody  thought  they 
would  be,”  says  Ken  Vollmer,  principal  ana¬ 


lyst  at  Forrester  Research.  One  reason  is 
their  reliability  Another  is  that  VAN 
providers  have  lowered  prices  to  allow 
more  favorable  ROIs,  he  says. 

After  the  completion  of  the  deal, 
Francisco  Partners  plans  to  merge  the  two 
IBM  units  into  GXS.  The  combination  of 
these  rival  businesses  will  make  GXS  the 
industry’s  largest  EDI  player,  boasting  more 
than  40,000  direct  and  indirect  customers, 
says  Bobby  Patrick,  senior  vice  president  of 
marketing  at  GXS. 

IBM’s  strength  in  the  financial  services 
sector  and  its  operations  in  Latin  America 
and  Japan  are  particularly  important  to 
GXS,  Patrick  says.  GXS  will  continue  to  oper¬ 
ate  IBM’s  proprietary  VAN  platform  as  part 
of  a  long-term  outsourcing  arrangement 
with  Big  Blue,  he  says. 

In  selling  its  EDI  businesses,  IBM  appears 
to  have  made  a  decision  to  focus  its  busi- 
ness-to-business  integration  efforts  within 
its  WebSphere  Business  Integration  unit, 
Vollmer  says.“IBM’s  EDI  group  has  not  been 
a  high  priority  within  IBM  for  some  time.  It 
makes  sense  to  spin  it  out  to  someone  who 
could  focus  on  it.” 

Meanwhile,  the  challenge  for  GXS  is  to  get 
customers  interested  in  its  growing  appli- 


Takes 


■  Verizon  has  selected  Motorola  to 

supply  video  network  infrastructure 
and  customer  premises  equipment  for 
its  f iber-to-the-premises  network. 
Terms  of  the  multi-year  agreement 
were  not  disclosed.  Verizon  plans  to 
launch  video  services  on  its  FTTP  net¬ 
works  next  year.  Verizon's  FTTP  build¬ 
out  currently  encompass  nine  states. 
Motorola  also  will  provide  project  inte¬ 
gration  and  operational  services. 

■  After  clearing  Department  of  Jus¬ 
tice  and  FCC  hurdles,  Cingular 
Wireless  and  AT&T  Wireless  have 
completed  their  $41  billion  merger, 
creating  the  nation’s  largest  wireless 
carrier  in  terms  of  subscribers.  The 
combined  company,  which  will  be 
known  as  Cingular  Wireless,  has  more 
than  46  million  customers,  surpassing 
Verizon  Wireless  with  40.4  million  cus¬ 


tomers.  It  will  have  licenses  to  operate 
wireless  service  in  49  states  and  will 
serve  the  top  100  U.S.  metropolitan  areas. 
Cingular  had  to  divest  itself  of  wireless 
customers  and  other  assets  in  13  U.S. 
markets  to  gain  approval  for  the  merger. 
Stan  Sigman,  currently  president  and 
CEO  of  Cingular,  will  continue  to  serve  as 
the  president  and  CEO  of  the  new  firm. 

■  Hughes  Network  Systems  announced 
last  week  its  Direcway  Multimedia  Ser¬ 
vice  satellite-based  multicast  service  that 
lets  users  distribute  video  content  such 
as  corporate  television,  Web  conferenc¬ 
ing,  training  and  digital  advertising  daily  or 
for  special  events.  Users  can  pay  a  flat 
monthly  fee  for  a  specific  chunk  of  band¬ 
width  that’s  available  throughout  the 
month  or  pay  only  for  what  they  use.  The 
service  costs  $3  to  $30  per  month  for  .5M 
bit/sec  of  multicast  bandwidth  and  from 
$5  to  $74  per  month  for  1.5M  bit/sec  of 
multicast  bandwidth.  Prices  are  for  exist¬ 
ing  Direcway  satellite  customers  and  vary 
based  on  number  of  remote  sites. 


VAN  resurgence 

Over  the  next  few  years,  the 
complexity  of  business-to- 
business  integration  will  force 

20% 

of  internally  managed  projects 
to  switch  some  traffic  back  to 
value-added  networks, 
Gartner  predicts. 


cation  services  portfolio,  while  at  the  same 
time  continue  to  bolster  its  more  open, 
Internet-based  EDI  network  business. 

Like  rival  Sterling  Commerce,  GXS  gradu¬ 
ally  has  reduced  customers’  dependence 
on  legacy  EDI  VANs  that  require  propri¬ 
etary  software,  in  favor  of  Internet-based 


EDI  services.  The  emergence  of  standards 
such  as  Applicability  Statement  2  —  which 
describes  how  to  create  a  connection  and 
securely  transport  an  EDI  file  over  the 
Internet  —  have  spurred  Internet  EDI 
adoption. 

Additionally  GXS  has  been  working  to 
diversify  its  business  to  include  not  only 
network  services  but  also  industry-specific 
application  services.  For  example,  it  offers 
data  synchronization  services  for  its  retail 
customers.  GXS  also  closed  its  $30  million 
acquisition  of  product  information  man¬ 
agement  vendor  Haht  Commerce  earlier 
this  year  —  a  deal  that  adds  packaged 
applications  to  its  lineup. 

That’s  the  direction  the  industry  needs  to 
go,  Gartner  says.  The  research  firm  predicts 
that  at  least  35%  of  all  new  VAN  revenue 
will  be  from  bundled  network  and  appli¬ 
cation  hosting  services  by  2005,  up  from 
less  than  10%  last  year. 

See  GXS,  page  32 


Sprint  rolls  out  wireless 
management  services 


■  BY  DENISE  PAPPALARDO 

Sprint  last  week  announced  its  first  man¬ 
agement  system  that  lets  users  manage 
enterprise-wide  wireless  services  and 
devices  while  also  promising  reduced 
costs  and  increased  security. 

The  service  provider  launched  Sprint 
Managed  Mobility  Service  (SMMS)  at 
CTIA  2004  in  San  Francisco.  The  manage¬ 
ment  tool  provides  rate  optimization,  over- 
the-air  software  upgrades,  security  fea¬ 
tures  and  asset  management  features. 

“Sprint  is  the  only  wireless  service 
provider  offering  a  set  of  management 
tools  to  its  enterprise  customers,”  says 
Philip  Redman,  an  analyst  at  Gartner.  He 
expects  competitors  to  begin  offering  sim¬ 
ilar  tools  within  the  next  year. 

With  Sprint’s  tool,  customers  can  more 
easily  manage  their  enterprise-wide 
pooled  wireless  minutes  by  ensuring  indi¬ 
vidual  users  are  on  the  best  rate  plans. 
SMMS  customers  also  will  be  able  to 
receive  new  applications,  updated  clients 
or  download  security  patches  for  smart¬ 
phone  devices  without  having  to  dock  the 
device. 


The  service  also  will  let  users  deploy 
security  clients  on  their  smart  phones  that 
can  be  used  to  enforce  security  measures, 
such  as  requiring  user  ID  and  passwords 
be  entered  before  each  use.  If  a 
See  Sprint,  page  32 
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In  a  previous  column,  I  defined  tele¬ 
communications  as  enabling  remote 
communications  between  humans. 
Back  in  the  last  century  that  meant  being 
able  to  project  your  voice  and  ears  across 
thousands  of  miles  —  speaking  and  lis¬ 
tening  at  a  distance,  in  other  words. 

Extending  that  definition  to  other  senses 
yields  some  interesting  ideas.  Take  sight: 
Videoconferencing  has  been  a  decidedly 
mixed  success,  primarily  because  of  the 
cost  and  complexity  of  current  systems. 
However,  there  are  signs  that  video  is  on 
the  uptake.  Many  IT  executives  I’ve  spoken 
with  in  the  past  few  months  have  indi¬ 
cated  that  extending  videoconferencing 
out  to  branch  offices  is  a  major  driver  for 
converged  infrastructures. 


Telecom,  nanotechnology  and  sensor  networks 


But  video’s  the  unimaginative  example. 
If  you  really  want  to  stretch  your  brain, 
consider  the  cutting-edge  research  under¬ 
way  in  the  areas  of  sensor  networks  and 
nanotechnology 

Sensor  networks  are,  as  the  name 
implies,  networks  of  tiny  embedded  net¬ 
works  that  gather  data  from  remote  loca¬ 
tions  and  transmit  it  back  to  central  sites 
for  processing. 

Applications  include  geology  (sensor 
networks  on  volcanoes  such  as  Mount  St. 
Helens  help  predict  potential  eruptions 
—  Mount  St.  Helens  buffs  definitely 
shouldn’t  miss  the  volcanocam  at 
www.nwfusion.com,  DocFinder:  4345);  the 
military  (sensor  networks  on  battlefields 
transmit  real-time  intelligence  back  to 
headquarters);  and  construction  (sensor 
networks  on  buildings  help  provide  real¬ 
time  insight  into  building  strains  and 
stresses).  For  a  relatively  recent  overview 
of  state-of-the  art  sensor  networking, 
check  out  the  IEEE  survey  paper  by 
researchers  at  Georgia  Tech  University 


(DocFinder:  4346). 

For  a  good  list  of  current  research  under¬ 
way  on  sensor  networks,  check  out  the 
University  of  Virginia  site  at  DocFinder: 
4347.  It’s  easy  to  envision  practical  com¬ 
mercial  applications  for  sensor  networks, 
such  as  inventory  tracking  for  retail  and 
distribution,  and  process  tracking  for 
manufacturing. 

But  sensor  networks  represent  only  half 
the  story  Picking  up  data  and  transferring 
it  back  to  a  centralized  site  for  processing 
is  interesting  —  but  it’s  basically  unidirec¬ 
tional  transmission.  Now  couple  that  with 
a  bidirectional  communications  infra¬ 
structure  (for  example,  the  central  loca¬ 
tion  can  transmit  information  back  to  the 
remote  sensors)  and  the  ability  for  sens¬ 
ing  devices  to  react  and  respond.  A  key 
way  to  make  this  happen  is  using  emerg¬ 
ing  nanotechnology  which  enables  low- 
power  actions.  Coupling  sensor  networks 
to  nanotechnology-enabled  devices  thus 
provides  the  ability  to  feel  and  move  at  a 
distance  —  thus  dramatically  extending 


the  definition  of  communication. 

This  combination  of  sensor  networks 
and  nanotechnology  is  sometimes  re¬ 
ferred  to  as  an  embedded  network,  and 
it’s  the  topic  of  active  research  today  Even 
more  intriguingly,  some  of  the  leaders  in 
this  area  are  folks  who  performed  some  of 
the  cutting-edge  research  creating  the 
early  Internet,  such  as  Deborah  Estrin  at 
UCLA,  particularly  at  the  National  Science 
Foundation-funded  UCLA  Distributed 
Embedded  Systems  Program.  Check  out 
DocFinder:  4348  for  more  details. 

Much  of  this  stuff  is  so  new  that  it  verges 
on  science  fiction  —  but  it’s  coming. 
Watch  for  an  expansion  of  the  definition 
of  communications.  Now  instead  of  just 
speaking  and  listening  at  a  distance,  com¬ 
munications  also  can  mean  sensing  and 
taking  action  at  a  distance. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


Carriers  aim  for  MMS  interoperability 


■  BY  STEPHEN  LAWSON  AND  TOM  KRAZIT 

SAN  FRANCISCO  —  U.S.  wireless  opera¬ 
tors  have  created  a  plan  for  Multimedia 
Messaging  Services  interoperability  across 
networks,  the  Cellular  Telecommunica¬ 
tions  &  Internet  Association  announced 
last  week. 

The  carriers  have  agreed  on  a  set  of 
guidelines  for  interoperability  of  MMS, 
which  lets  mobile  phone  users  add  digital 
photos,  sounds,  video  and  other  rich  con¬ 
tent  to  messages  they  send  from  one  data- 
capable  phone  to  another,  said  Steve 
Largent,  president  and  CEO  of  the  CTIA. 
The  group  expects  MMS  interoperability 
to  be  established  by  year-end,  Largent  said 


GXS 

continued  from  page  31 

This  diversification  could  help  stem  the 
industry’s  recent  revenue  loss.  Gartner 
estimates  that  overall  VAN  revenue  has 
declined  5%  to  20%  for  the  past  several 
years.  It  will  fall  by  another  5%  this  year 
before  flattening  in  2005,  Gartner  pre¬ 
dicts.  Looking  ahead,  revenue  is  expected 
to  grow  at  least  5%  annually  in  2006  and 
2007. 

Nonetheless,  the  competition  for  han¬ 
dling  business  transactions  is  tight.  GXS 
competes  with  Internet  VANs  such  as 
bTrade,  Internet  Commerce  Corp.  and 
iSoft.  In  addition,  it  runs  up  against  inte¬ 
gration  service  providers  such  as  Grand 
Central  Communications  and  industry- 
specific  business  integration  providers 
such  as  The  Descartes  Systems  Group  and 
E2open.  91 


during  of  a  keynote  presentation  at  the 
CTIA  2004  trade  show  in  San  Francisco. 

Interoperability  should  drive  up  the  use 
of  MMS  in  the  U.S.  just  as  the  establishment 
of  interoperable  short  messaging  service 
(SMS)  has  done,  Largent  said.  Though  the 
U.S.  has  lagged  behind  other  parts  of  the 
world  in  SMS,  usage  here  has  soared  with 
interoperability  he  said. 

So  far,  MMS  interoperability  in  the  U.S. 
has  only  been  established  between  Cing- 
ular  Wireless  and  AT&T  Wireless  Services, 
and  users  of  other  services  have  not  been 
able  to  consistently  send  rich  content  to 
each  other’s  phones,  according  to  Chris 
Pearson,  president  of  3G  Americas,  an 
organization  of  GSM  carriers.  Cingular  last 
week  completed  its  acquisition  of  AT&T 
Wireless. 

The  keynote  session  also  featured  in¬ 
sights  into  the  provision  and  selling  of 
mobile  multimedia  services  from  two 
industry  executives. 

The  next  big  drivers  of  mobile  phone 
use  will  be  multimedia  and  3D  gaming, 
said  Paul  Jacobs,  president  of  Qual¬ 
comm’s  wireless  and  Internet  group. 
General-purpose  phones,  not  specialized 
handheld  gaming  platforms,  will  be  the 
most  popular  platform  for  games, 
he  added. 

“It  [may  be]  game  over  for  the  handheld 
gaming  device,”  Jacobs  said.  Qualcomm- 
based  phones  are  mass-market  devices 
that  can  bring  sophisticated  gaming  to  a 
handset  that  exceeds  the  expectations  of 
many  average  users,  he  said. 

But  as  users  play  mobile  games  for  an 
hour  a  day  or  so,  battery  life  will  be  a  grow¬ 
ing  problem,  Jacobs  added.  Qualcomm  is 
addressing  that  through  its  acquisition  last 


month  of  Iridigm  Display  a  maker  of 
reflective  displays.  Screens  made  with  the 
reflective  technology  take  advantage  of 
existing  light,  reducing  backlight  power 
requirements  in  both  dim  and  brightly  lit 
environments,  extending  battery  life  by 
four  times  in  well-lit  places,  he  said. 

Mobile  operators  have  done  a  good  job 
marketing  cool  handsets  and  economical 
service  plans  but  have  fallen  short  in 
explaining  multimedia  services  to  sub¬ 
scribers,  said  Graeme  Ferguson, Vodafone 
Group  Services’ executive  head  of  content 
development,  in  a  keynote  address. 

Operators  need  to  identify  their  target 
markets,  produce  content  that  speaks 
to  those  consumers  and  make  it  easy  to 
access  and  use,  Ferguson  said.  With  its 
Vodafone  Live  service,  launched  two 
years  ago  and  now  serving  19.8  million 
customers  of  Vodafone-affiliated  carriers 
in  21  countries,  the  carrier  focused  on 
males  aged  18  to  24  and  delivered  basic 
services  such  as  games,  news,  radio, sports 
and  chat. 

Despite  the  need  for  carriers  to  deliver 
attractive  content  packages,  the  mobile 
content  market  can’t  reach  its  full  poten¬ 
tial  size  without  giving  subscribers  a  way 
to  reach  third-party  providers  outside  the 
“walled  garden”  of  proprietary  content, 
Ferguson  added. 

Lawson  and  Krazit  are  correspondents 
with  the  IDG  News  Service. 

Mobile 
Computing 
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customer’s  phone  is  lost  or  stolen,  Sprint 
can  send  a  short  message  service  signal 
to  essentially  “zap”  the  phone  of  all 
its  data. 

Sprint  says  this  is  particularly  important 
for  PDA  users  who  store  corporate  data 
on  their  devices.  The  carrier’s  over-the-air 
software  upgrades  and  security  features 
are  only  available  to  users  with  smart 
devices  such  as  a  Palm  orTreo. 

The  SMMS  service  also  offers  features 
that  make  it  easier  to  track  all  the  Sprint 
wireless  devices  a  customer  has  deployed 
throughout  its  company 

Although  Redman  says  Sprint’s  offering 
is  a  good  first  step  in  bringing  manage¬ 
ment  tools  to  customers,  he  also  says  the 
service  might  not  meet  the  needs  of  all 
enterprise  users. 

“Hardly  any  [midsize]  to  large  busi¬ 
nesses  use  one  wireless  service  provider,” 
Redman  says.That  means  that  a  company 
could  only  take  advantage  of  these  man¬ 
agement  tools  for  a  percentage  of  their 
users.  Third-party  management  products 
from  companies  such  as  Traq  Wireless  or 
Digital  Reliance  cover  services  and 
devices  from  all  a  customer’s  service 
providers. 

Most  business  users  would  rather  have 
one  system  they  can  use  to  manage  ser¬ 
vices  from  multiple  wireless  service  pro¬ 
viders,  he  says. 

Sprint  says  that  a  handful  of  users  are 
testing  the  service,  including  Newsweek 
and  Mutual  of  Omaha. 

According  to  Redman,  Sprint  will 
charge  $5  to  $15  per  user,  per  month,  for 
the  SMMS  service.  Sprint  would  not  con¬ 
firm  the  pricing,  but  says  it  will  announce 
specific  fees  early  in  the  first  quarter 
when  the  offering  is  available.® 
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Cable  operators  target  business  accounts 


■  BY  JIM  DUFFY 

Think  your  cable  TV  company  is  just  for  video  and 
residential  VoIP?  Think  again.  Cable  multisystem 
operators  are  building  a  strong  presence  as 
providers  of  business  telecom  services,  particularly  to 
small  and  midsize  businesses. 

In  the  U.S.  alone  there  are  approximately  5.4  million 
SMBs,  about  98%  of  which  are  passed  by  upgraded 
cable  facilities,  according  to  Current  Analysis.  U.S.  busi¬ 
nesses  will  spend  roughly  $3.2  billion  on  cable  modem 
services  this  year,  as  compared  with  an  estimated  $3.3 
billion  for  DSL  services,  according  to  In-Stat/MDR. 

“It’s  small  businesses  —  doctors’  offices,  car  dealer¬ 
ships  —  those  kind  of  places  that  have  some  data  needs 
but  don’t  have  heavy-duty  data  needs,” says  Lynda  Starr, 
an  analyst  at  Probe  Group. 

In  2003,  SMBs  spent  about  $2.15  billion  on  “value- 
added”  data  services  —  broadband  services,  voice-over-X 
(VoipVoDSL  and  others)  services, VPN  services,  managed 
services  and  other  telco-delivered  services  provided  over 
the  wide-area  data  network.They  spent  the  largest  portion 
—  36%  —  of  their  wireline  data  service  budgets  on  such 
services,  the  firm  found. 

“They’re  in  the  areas  that  are  already  passed  by  the 
cable  systems,”  Starr  says.“The  residential  market  is  pretty 
well  saturated;  there’s  not  a  lot  of  new  business  to  be  had. 
[MSOs]  have  to  increase  the  revenue  per  subscriber  they 
have  or  find  new  types  of  subscribers.” 

At-home  workers  and  telecommuters  also  continue  to 
drive  broadband  adoption.  Nearly  one-third  of  the  U.S. 

fcfc  [Charter]  offered  us  bandwidth 
that  was  100  times  greater  than 
what  the  phone  company  offered 
us,  at  about  one-fifth  the  price. 
Obviously,  the  choice  was  easy 
to  make.H 

Jeff  Gibson 

Technology  supervisor, 

Wisconsin  Rapids  School  District 

workforce,  or  44  million  individuals,  is  expected  to  work 
at  home  on  at  least  a  part-time  basis  this  year,  according 
to  In-Stat/MDR. 

The  firm  expects  that  number  to  grow  to  51  million 
telecommuters  by  2008,  nearly  14  million  of  whom  are 
expected  to  work  from  home  full  time.  Cable  outpaces 
DSL  in  terms  of  number  of  subscribers  in  the  U.S.  busi¬ 
ness  at-home  workforce,  In-Stat  finds. 

Cable  company  Cox  Communications  is  finding  a 
lucrative  business  in  offering  enterprise  services.The 
company’s  Business  Services  unit,  which  was  launched 
in  1998,  provides  data,  voice  and  transport  services  to 
more  than  100,000  customers. 

Cox  Business  Services’  customers  include  Boeing,  First 


Fidelity  Bank  and  MGM  Mirage  resorts.  Its  products  and 
services  include:  dedicated  data  transmission  up  to  OC- 
192  speeds  over  fiber, T-l  and  ATM,  and  VPN;  Internet 
access;  switched  voice  and  long-distance;  video  ser¬ 
vices;  Web  hosting  and  e-commerce;  and  carrier  access 
services. 

The  Cox  unit  generated  revenue  of  more  than  $287  mil¬ 
lion  in  2003,  a  25%  increase  over  2002. The  company 
expects  annual  growth  to  continue  in  the  mid-20%  range. 

“We  focus  for  the  most  part  on  customers  that  are  in 
our  [local  access]  footprint  that  have  100%  or  maybe 
80%  of  their  needs  in  our  footprint,”  says  William  Stemper, 
a  Cox  vice  president,  who  came  to  the  company  14 
months  ago  after  25  years  at  AT&T.“So  by  definition,  we 
pick  up  a  different  type  of  a  customer  than  AT&T.” 

Ninety-five  percent  of  Cox’s  business  customers  have 
100  or  fewer  employees.  Total  telecom  expenditures 
within  the  company’s  region  is  more  than  $8  billion 
annually,  Stemper  says,  and  business  customers  within 
100  feet  of  the  network  spend  about  $3  billion  annually 

“We  think  there’s  a  fair  amount  of  growth  ahead  of  us,” 
Stemper  says. 

Location,  location,  location 

Traditional  telcos  also  are  gunning  for  that  business. 
Cox’s  differentiator  is  local  presence,  Stemper  says. 

“We’re  embedded  in  the  community]’  he  says.  Local 
Cox  officials  “are  not  wiring  Atlanta  headquarters  for 
approval. That  allows  us  to  be  very  nimble,  very  intimate 
with  the  customers.  These  are  customers  that  use  our 
services  when  they’re  at  home  and  have  done  so  for  a 
long  time.  So  they  understand  our  brand.” 

Cox  also  has  a  technological  differentiator  over  the  tel¬ 
cos  in  its  region,  Stemper  says.The  cable  operator  can 
offer  higher-speed,  higher-throughput  6M  bit/sec  cable 
modem  services  within  its  footprint  while  business  DSL 
services  from  the  telcos  tops  out  at  3M  bit/sec. 

But  the  telcos  have  a  much  bigger  regional  footprint 
than  the  cable  operators  and  have  had  so  for  a  long 
time,  Stemper  notes. They  also  serve  a  broader  customer 
base  than  Cox  can,  he  says. 

But  Cox  is  looking  to  broaden  too.  It  kicked  off  a 
National  Enterprise  campaign  earlier  this  year  to  attract 
the  business  of  larger,  Fortune  500  companies  needing 
local  services. 

“We’re  not  providing  them  a  nationwide  VPN  network,” 
Stemper  says.“We  serve  their  local  needs  of  how  they 
link  up  a  call  center  and  a  data  center  and  an  adminis¬ 
trative  office.  Or  how  they  might  be  backing  up  data 
centers.” 

Stemper  says  Cox  is  culling  through  lead  data  gener¬ 
ated  from  the  campaign.  But  he  says  it  so  far  has  led  to  a 
“strong  uptick”  in  orders  from  all  customers,  not  just 
large  corporations. 

One  such  customer  is  Care  New  England. The  Rhode 
Island  healthcare  consortium  had  outgrown  its  Internet 
service  and  required  higher-speed  interoffice  links 
between  five  main  healthcare  organizations  and  50 
remote  doctors’  offices  and  labs. 

Cox  set  up  a  virtual-area  network  to  connect  the  major 
sites,  pulled  fiber  into  three  hospitals  and  selected 
remote  locations,  and  connected  the  rest  of  the  remote 


Leaving  home 

With  the  number  of  at-home  workers 
expected  to  rise . . . 


. . .  and  SMBs  spending  billions  on  data  services 

Wireless  data  services  spending  in  2003: 

$5.97  billion 

Value-added  data  services  spending  in  2003: 

$2.15  billion 

. . .  cable  companies  have  high  hopes  to  expand 
beyond  their  residential  customer  base. 

Projected  cable  modem  service  spending 
by  U.S.  businesses  this  year:  $3.2  billion 

Projected  DSL  service  spending  by  U.S. 
businesses  this  year:  $3.3  billion 

SOURCE:  IN-STAT/MDR 


sites  to  the  VAN  over  384K  bit/sec  cable  modem  links. 

Care  New  England  chose  Cox  over  a  traditional  tele¬ 
phone  company  because  of  “flexibility”  and  cost,  says 
Howard  Rubin,  director  of  IS.'They’re  easier  to  work 
with,  more  flexible  in  terms  of  meeting  our  require¬ 
ments,  and  they  were  able  to  price  [our  network]  at  a 
lower  price. ...  No  issues  with  service  at  all.” 

The  only  snag,  Rubin  says,  is  when  Care  New  England 
purchased  some  telephony  services  from  Cox.The  cable 
company  was  “a  little  tight”  on  direct  inward  dialing 
numbers,  he  says. 

“It’s  difficult  for  all  the  organizations  to  get  numbers 
right  now;”  Rubin  says.“But  other  than  that  we  have  no 
complaints.” 

Also  in  the  game 

Charter  Communications  is  another  cable  operator  with 
a  unit  dedicated  to  deliver  business  services  to  corpora¬ 
tions.  Its  Charter  Business  group  does  about  $225  million 
in  sales  annually  and  is  growing  about  26%  per  year. 

Charter  declined  to  be  interviewed  for  this  story,  citing 
a  quiet  period  before  releasing  third-quarter  earnings. 
But  Charter  customer  Wisconsin  Rapids  School  District 
contracted  with  the  cable  company  to  connect  12  sites 
using  OC-3  ATM  over  fiber  and  100M  bit/sec  switched 
virtual  circuits  between  sites. 

“We  had  a  choice  between  Charter  and  the  local  tele¬ 
phone  company]’ says  Jeff  Gibson,  technology  supervisor 
for  the  school  district.'At  the  time,  Charter  was  in  the 
process  of  wiring  our  community.  So  when  we  asked  for 
quotes,  they  saw  it  as  a  way  to  piggyback  on  their  exist¬ 
ing  project.They  offered  us  bandwidth  that  was  100 
times  greater  than  what  the  phone  company  offered  us, 
at  about  one-fifth  the  price.  Obviously,  the  choice  was 
easy  to  make.” 

Charter  does  not  yet  offer  voice  telephony  service  in 
the  school  district’s  region;  but  if  it  does  when  the  dis¬ 
trict’s  current  contract  is  up  in  two  years,  Gibson  says  it 
will  be  considered.* 
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REASONS  TO  THINK  ABOUT 
HIGH-PERFORMANCE,  AFFORDABLE, 
64-BIT  IBM  SERVERS  WITH  INTEL® 
XEON™  PROCESSORS. 


IBM  GLOBAL 

FINANCING.  XTENDED  DESIGN 

ARCHITECTURE.’" 
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LIGHT  PATH 
DIAGNOSTICS. 


EASY  TO  BUY. 


36 

RESILIENT  ENOUGH 
TO  HELP  WEATHER 
THE  UNTHINKABLE. 

37 

UPTIME!!! 


11 

CALIBRATED 

VECTORED 

COOLING™ 

TECHNOLOGY. 
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HIGHLY  RELIABLE. 


MICROSOFT* 

READY. 


ISV 

EMBRACED. 


42 

FASTER  THAN 
EVER. 


51 

HOT-SWAPPABLE, 

REDUNDANT 

COMPONENTS. 


39 

VISIBLE 

ALERTS. 
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LINUX*  READY. 


1 

THE  X226. 


THE  X236. 
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IBM  STORAGE- 

SERVER 

COMPATIBILITY. 


PREDICTIVE 
FAILURE  ANALYSIS? 


FULL  SUPPORT 
FOR  INTEL'S  EM64T 
MEMORY 
CAPABILITIES. 


BRAND-NEW, 
FASTER  I/O 
FEATURES. 


43 

BETTER 

PERFORMANCE. 


61 

MIGRATE  WHEN 
YOU  WANT  TO. 


10 

SIMPLE  SWAP 
DRIVES. 
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SUSE  LINUX 
READY. 


34 

IBM  EXPRESS 
PORTFOLIO:" 
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HIGH,  HIGH  ROI. 


12 

UNBELIEVABLY 
ADVANCED  SYSTEMS 
MANAGEMENT. 


8  DIMM  SLOTS. 


(@  server* 


48 

CHIPKILL™  MEMORY 

OPTIONS.  EASY  T0 

INSTALL. 
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REDHAT  READY. 


58 

POWERFUL 
INTEL*  XEON™ 
PROCESSORS. 
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OPTIMIZED 
FOR  RACKS. 
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LOW,  LOW  TOO. 


60 

ENHANCES 
32-BIT  APPS. 
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INCREASED 

PRODUCTIVITY. 
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MODULAR 

EXPANSION 

OPTIONS. 
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HIGHLY 

AVAILABLE. 
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EASY  TO 
MANAGE. 


INTEGRATED 

RAID. 


NEW  LEVELS  OF 

PERFORMANCE 

DENSITY. 
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24-HOUR 

REMOTE  SUPPORT. 
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THE  X336. 


31 

REMOTE  MANAGEMENT 
FROM  ANYWHERE  ON 
THE  NETWORK. 

9 

FOOTPRINTS 
START  AT  1 U  X  27" 


64 

MAINFRAME-INSPIRED 

TECHNOLOGIES. 


32 

FOUR  HARD  DRIVES 
IN  A  1U  SERVER. 


53 

UP  TO  42  SERVERS  IN 
STANDARD  RACKS. 
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CREATED  FOR  MORE  JUICE. 

MID-SIZED 

BUSINESSES. 

44 


45 

HIGHLY  FLEXIBLE. 


6 

THE  DS400 

STORAGE 

ATTACHMENT. 


28 

VIRTUALIZATION 

OPTIONS. 


52 

AFFORDABLE. 


8 

PRICES  START 
AT  $1,179.' 


REMOTE  SERVICING. 


35 

REMOVE  “ADD  AN 
APP,  ADD  A  SERVER” 
FROM  YOUR 
VOCABULARY. 


56 

BUILT  WITH 
YOU  IN  MIND. 


62 

BETTER 

PERFORMANCE  WITH 
NEW  INTEL  XEON 
PROCESSORS. 
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MIRRORING. 
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PLAY. 
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WHY  IBM? 

The  IBM  eServer™  xSeries®  family  with  Intel  Xeon 
Processor-based  Xtended  Design  Architecture  is 
the  next-generation  architecture  designed,  priced 
and  supported  for  businesses  of  every  size. 

Giving  you  unbelievably  high  performance  at  an 
unbelievably  low  price. 

The  entry-level  x226  is  the  most  affordable  xSeries 
system  in  the  2-way  space.  The  x236  offers 
maximum  internal  scalability  in  an  IBM  industry- 
standard  tower.  Our  x336  gives  you  new  levels  of 
performance  density  in  a  2-way  rack-mounted  system. 
And  the  x346  offers  exceptional  scalability  and 
flexible  growth  in  a  2U  system. 

Of  course,  all  of  these  systems  are  powered  by 
state-of-the-art  64-bit  Intel®  Xeon™  Processors. 

Now  let’s  talk  about  storage  attachments  for  your 
eServer  xSeries  systems.  Let’s  talk  IBM  TotalStorage® 
systems.  The  entry-level  DS300  is  for  businesses  of 
any  size.  Rack-ready,  it’s  designed  to  let  you  pay  as 
you  grow.  The  very  hard  to  outgrow  DS400  is  xSeries 
storage  to  the  max.  Fast.  Expandable.  And  it  scales 
up  to  5.8  terabytes.2  Both  share  reliability  and  data 
protection  features  found  in  IBM  eServer  solutions. 

Now,  what  if  you’re  a  mid-sized  business  with  little  or 
no  IT  staff?  Enter  the  IBM  Express  Portfolio.  All  of  the 
above  xSeries  and  storage  products  offer  Express 
models,  specifically  designed  and  optimized  for  mid¬ 
sized  businesses.  IBM  Express  offerings  are  easy  to 
configure.  Easy  to  install.  Easy  to  manage.  And  easy 
on  the  checkbook. 

IBM  EXPRESS  PORTFOLIO  -  BUILT  FOR  MID-SIZED  BUSINESSES. 

m  DEMAND  BUSINESS" 


WHY  64-BIT? 

IBM’s  innovations  are  ideal  complements  for  64-bit 
Intel  Xeon  Processors:  light  path  diagnostics; 
Calibrated  Vectored  Cooling;  remote  monitoring; 

8  DIMM  slots.  We’ve  got  it  all. 

IBM  eServer  xSeries  systems  are  cost-effective  by 
almost  every  measure  of  TCO.  And  almost  every 
measure  of  ROI.  They  fit  in  standard  racks  and  are 
easily  scalable. 

Our  new  Xtended  Design  Architecture  works  with 
your  32-bit  industry-standard  apps.  And  your  new 
64-bit  industry-standard  apps.  And  those  32-bit 
and  64-bit  apps  that  are  still  ort the  drawing  board. 

WHY  NOW? 

This  is  the  future.  This  is  where  developers  are  going. 
Where  the  industry  standard  is  forming.  Where 
business  is  headed. 

The  transition  is  well  under  way.  Above  all,  64-bit 
is  stable.  It’s  reliable.  It’s  powerful.  It’s  fast.  It’s  here. 
And  we’re  paving  the  way. 

Every  64-bit-enabled  xSeries  server  is  designed  to 
have  more  memory,  which  allows  you  to  run  more 
powerful  apps.  And  if  you’re  reticent  about  making 
the  move  to  64-bit,  relax.  Xtended  Design 
Architecture  actually  enhances  your  32-bit  apps,  so 
you  can  do  more  with  what  you  already  have.  Do 
more  now.  Do  more  later.  Do  more  period  with  64-bit 
Intel  Xeon  Processors  and  IBM  Xtended  Design 
Architecture. 

These  servers  and  storage  units  are  designed  with 
one  thing  in  mind -you.  It’s  an  exciting  story.  You 
need  to  learn  more  at  ibm.com/eserver/64reasons 


IBM  web  price  for  the  xSeries  226  (2.8  Ghz  processor,  512  MB  memory,  80  GB  SATA  HDD),  current  as  of  10/18/04,  and  is  subject  to  change  without  notice.  Starting  price  may  not  include  a  hard  drive, 
operating  system  or  other  features.  Price  does  not  include  tax  or  shipping.  Reseller  prices  may  vary.  See  www.pc.ibm.com/us/eserver/xseries.  IBM  does  not  warrant  non-IBM  products.  'Terabyte  equals 
one  trillion  bytes  when  referring  to  total  disk  drive  capacity.  Accessible  capacity  may  be  less.  IBM,  the  e-business  logo,  eServer,  the  eServer  logo,  Calibrated  Vectored  Cooling,  ChipKill.  IBM  Express 
Portfolio.  Predictive  Failure  Analysis,  TotalStorage,  xSeries  and  Xtended  Design  Architecture  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United  States 
and/or  other  countries.  Intel.  Intel  Inside,  the  Intel  Inside  logo  and  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  Linux 
is  a  trademark  of  Linus  Torvalds  in  the  United  States,  other  countries,  or  both.  Microsoft  and  Windows  NT  are  trademarks  of  Microsoft  Corporation  in  the  United  States,  other  countries,  or  both.  Other 
company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others.  ©2004  IBM  Corporation.  All  rights  reserved. 
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AND  STANDARDS 
SHAPING  YOUR  NETWORK 


LLDP-MED  simplifies  VoIP  deployments 


HOW  IT  WORKS 


LLDP-MED 

TIA’s  draft  standard  lets  endpoints  and  network 
devices  exchange  media-  and  iP  telephony-specific 
information,  aiding  in  VoIP  deployment. 


LLDP-MED 

advertisement 
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SNMP 
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VoIP  phone 
(media  endpoint) 


LAN  switch 


Network 

management  station 


O  The  switch  transmits  the  power  capacity  of  its  ports,  the  expected  virtual  LANs  for  voice  systems,  the  DiffServ 
Code  Point  for  media  traffic  and  a  location  attribute  that  represents  where  the  cable  attached  to  this  port  is. 

©  The  VoIP  phone  transmits  its  power  requirements  and  power  priority,  the  expected  VLANs  for  voice  systems, 
the  DiffServ  Code  Point  for  media  traffic  and  the  inventory  information  about  itself. 

©  The  network  management  system  queries  the  LAN  switch  for  detailed  inventory  information  for  VoIP  phones, 
and  uses  this  information  to  build  accurate  topology  maps  of  the  data  and  voice  infrastructure. 


■  BY  PAUL  CONGDON  AND 
DAVID  FRATTURA 

Many  companies  seeking  cost-effective, 
easily  managed  VoIP  systems  face  deploy¬ 
ment  obstacles  because  of  the  diversity  of 
convergence  products  in  the  marketplace. 
Corporations  also  are  challenged  by  the 
obligation  to  support  Emergency  Calling 
Services  (ECS)  that  include  E911,  which  is 
often  made  more  difficult  by  the  lack  of 
standards. 

The  Telecommunications  Industry  As¬ 
sociation  (TIA)  aims  to  make  it  easier  to 
deploy  and  troubleshoot  VoIP  networks. 
The  draft  TIA  standard,  Link  Layer  Dis¬ 
covery  Protocol-Media  Endpoint  Discov¬ 
ery  (LLDP-MED),  facilitates  information 
sharing  between  endpoints  and  network 
infrastructure  devices.  Such  data  will  sim¬ 
plify  the  deployment  of  endpoints,  enable 
advanced  device  firmware  management 
and  boost  support  for  E911  in  enterprise 
networks. 

LLDP-MED  is  based  on  the  IEEE’s 
802. 1AB  LLDP  which  is  slated  to  become  a 
standard  this  month.  LLDP  is  IEEE’s  neigh¬ 
bor  discovery  protocol,  which  can  be 
extended  by  other  organizations.  (See 
www.nwfusion.com,  DocFinder:  4424,  for  a 
Technology  Update  on  LLDP)  Information 
gleaned  from  network  devices  such  as 
switches  and  wireless  access  points  aids  in 
troubleshooting  and  enables  management 
systems  to  create  accurate  views  of  the 
network’s  topology 

LLDP-capable  devices  periodically 
transmit  information  in  messages  called 
Type  Length  Value  (TLV)  fields  to  neigh¬ 
bor  devices.  This  information  includes 
chassis  and  port  identification,  system 
name,  system  capabilities,  system  descrip¬ 


tion  and  other  attributes.  LLDP-MED 
builds  upon  these  capabilities  by  adding 
media-  and  IP  telephony-specific  mes¬ 
sages  that  can  be  exchanged  between  the 
network  and  endpoints.The  new  TLV  mes¬ 
sages  will  provide  detailed  information 
on  Power  over  Ethernet,  network  policy, 
media  endpoint  location  for  Emergency 
Call  Services  and  inventory 
The  Power  over  Ethernet  Management 
TLV  lets  endpoints  advertise  the  power 
level  and  power  priority  they  require,  and 
lets  network  connectivity  devices  advertise 
how  much  power  they  can  supply  These 
advertisements  let  switch  vendors  support 
advanced  power  management.  For  exam¬ 
ple,  a  switch  could  compare  the  power 


required  by  the  endpoint  with  what  it  can 
offer.  If  it  does  not  have  the  capacity  to 
meet  the  demand,  it  selectively  could  pro¬ 
vide  power  to  endpoints  designated  as  hav¬ 
ing  high  prioritysuch  as  a  lifeline  IP  phone. 

The  Network  Policy  Discovery  TLV  simpli¬ 
fies  deployment  of  large  multivendor  net¬ 
works  and  aids  in  troubleshooting.ThisTLV 
lets  endpoints  and  switches  advertise  their 
virtual  LAN  ID,  IEEE  Priority  and  Dif¬ 
ferentiated  Services  Code  Point  (Layer  3 
Priority)  assignments  to  each  other.  Net¬ 
work  administrators  can  quickly  locate 
misconfigured  endpoints.  While  IEEE 
802. 1AB  is  not  designed  to  be  used  for  con¬ 
figuration,  it  is  possible  for  vendors  of  end¬ 
points  to  let  these  devices  modify  their  set¬ 


tings  when  a  mismatch  is  discovered 
between  the  endpoint  and  network. 

LLDP-MED’s  Inventory  Management  Dis¬ 
covery  TLV  lets  an  endpoint  transmit  de¬ 
tailed  inventory  information  about  itself 
to  the  switch  to  which  it  is  attached.  This 
information  can  include  vendor  name, 
model  number,  firmware  revision  and  ser¬ 
ial  number.  When  a  switch  receives  this 
information,  it  will  be  stored  and  be  made 
accessible  to  the  network  management 
system  for  inventory  reporting. 

Finally,  the  TIA  is  considering  LLDP- 
MED’s  ECS  Endpoint  Location  Discovery 
TLV  as  a  method  to  enable  E911  within 
enterprise  networks.While  there  are  other 
standards  under  development,  the  LLDP- 
MED  method  is  well  suited  for  use  where 
adds,  moves  and  changes  are  common. 
The  TLV  contains  information  related  to 
the  telephony  wire  map  of  the  campus  or 
other  attributes  that  allow  for  the  resolu¬ 
tion  of  the  endpoint’s  exact  location. 
When  an  endpoint  receives  a  TLV  with 
ECS  location  data,  it  might  store  and  use 
that  data  when  it  needs  to  communicate 
with  a  Public  Safety  Answering  Point.This 
method  ensures  an  endpoint  is  capable 
of  discovering  accurate  location  informa¬ 
tion  no  matter  where  it  is  moved  to  with¬ 
in  the  network. 

Slated  to  become  a  standard  in  the  first 
half  of  2005,  TIAs  LLDP-MED  is  useful  in 
converged  networks  by  providing  network 
policy  power,  location  and  inventory  data. 

Congdon  is  an  HP  fellow  and  CTO  for  HP 
Procurue ,  and  Frattura  is  director  of  secure 
networks  marketing  for  Enterasys  Net¬ 
works.  They  can  be  reached  at  paul. 
congdon@hp.com  and  frattura@  enterasys. 
com,  respectively. 


Dr.  Internet  By  Steve  Blass 

We  want  software  that  takes  commonly  used 
industry  paper  forms  and  puts  them  in  a  SQL 
application.  We  want  to  hard-code  or  protect  the 
wording  so  it  can  only  be  struck  out  and  new 
words  inserted  in  a  different  font  with  none  of  the 
existing  form  words  changed  or  altered.  We  also 
want  users  to  fill  in  the  spaces  provided  with  their 
information,  and  let  the  space  grow  or  shrink 
depending  on  the  amount  of  data  input  Where 
should  we  start  looking? 


The  InfoPath  forms  we  described  in  a  recent  col¬ 
umn  (www.nwfusion.com,  DocFinder:  4430)  can 
do  these  things.  If  your  audience  is  broader  than 
Windows  2003  users,  look  towards  open  stan- 
dards-based  software,  such  as  Xforms  (Doc¬ 
Finder:  4431),  or  the  XUL  system  used  by  Mozilla 
(DocFinder:  4432),  which  can  build  dynamic  forms 
and  communicate  with  back-end  databases.  An 
Xforms  plug-in  for  Internet  Explorer  is  available  at 
www.formsplayer.com.  Mozquito  Deng  (http:// 


claus.packts.net)  is  an  Xforms  plug-in  in  Macro¬ 
media  Flash  that  works  in  browsers  supported  by 
Flash.  The  XMLSpy  tools  from  www.altova.com 
provide  support  for  generating  dynamic  XMl-dri- 
ven  forms  for  multiple  browsers,  and  includes  an 
end-user  desktop  editor  for  XML-based  content. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.internet@change 
atwork.com. 


BUT  THE  YANKEE  GROUP  DOES. 


Microsoft 


" For  midsized  and  large  organizations,  a  significant 
Linux  deployment  will  neither  be  free  nor  easily 
accomplished.  In  fact,  respondents  at  large 
organizations  reported  that  a  wholesale  switch  to 
Linux  from  Windows B  or  Unix  would  significantly 
increase  TCO  for  the  forseeable  future." 

-Laura  DiDio,  The  Yankee  Group,  April  2004 
Linux,  Unix,  and  Windows  TCO  Comparison 


The  Yankee  Group,  a  global  research  and  consulting  firm,  concluded  that 
a  significant  switch  to  Linux  from  Windows  or  Unix  could  cost  three  to  four 
times  as  much  without  delivering  tangibly  better  performance  or  business 
value.  These  findings  are  based  on  a  non-sponsored  worldwide  survey  of  1,000 
IT  administrators  and  C-level  executives  in  midsized  and  large  enterprises. 

To  get  the  full  study,  visit  microsoft.com/getthefacts 


Windows 
Server  System- 


02004  Microsoft  Corporation.  All  rights  reserved.  Microsoft,  Windows,  the  Windows  logo,  and  Windows  Server  System  are  either  registered  trademarks  or  trademarks  of  Microsoft 
Corporation  in  the  United  States  and/or  other  countries.  The  names  of  actual  companies  and  products  mentioned  herein  may  be  the  trademarks  of  their  respective  owners. 
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GEARHEAD 
INS2DE  THE 
NETWORK 
MAGHiNE 

Mark 

Gibbs 


We  wonder  if  this  column  should  be 
renamed  “Last  week  we  were  . .  .’’as 
that  seems  to  be  our  standard 
entree  these  days.  But  just  to  break  the 
chain,  this  week  we  will  begin  a  little  dif- 
ferently:The  week  before  last  we  started  in 
with  the  question,  “Are  we  missing  some¬ 
thing,  or  is  Windows  XP’s  TCP/IP  imple¬ 
mentation  as  pathetic  as  we  suspect  it  is?” 

We  were  trying  to  set  up  a  multi-homed 
Windows  XP  machine  but  apparently 
could  only  do  so  if  all  addresses  were 
configured  as  static  IP  addresses.  In  other 
words,  it  appeared  if  you  had  a  single 
address  assigned  to  a  network  interface 
card  you  could  use  DHCP  but  if  you  had 
more  than  one  you  couldn’t. 

We  were  wrong  about  XP’s  TCP/IP  imple¬ 
mentation  being  pathetic  —  in  this  area.it 
isn’t  pathetic.it  is  merely  eccentric.lt  turns 
out  there  is  a  way  to  multi-home  a  net¬ 
work  interface  card  (NIC)  under  XP  and 
use  DHCP  and  static  IP  addresses. 

The  solution  is  obscure,  and  reader  Jeff 


Eccentricities  of  Windows  networking 


Adams  was  the  only  person  to  write  in 
with  a  link  to  a  Web  site  called 
MCSEworld  where  there  is  a  “how  to”  page 
on  the  topic  of  Windows  multi-homing 
configuration  written  by  Daniel  Petri. 

We  are  so  impressed  with  readers  like 
Adams  that  in  the  future  we  plan  to  refer 
to  everyone  who  supplies  an  answer  to 
one  of  these  wonderfully  obscure  prob¬ 
lems  or  provides  us  with  any  other  cool 
information  as  Special  Investigators. Thus, 
Jeff  Adams  will  now  be  Special  Investi¬ 
gator  Jeff  Adams  (badge  No.  001). 

Anyway,  the  answer  Special  Investigator 
Adams  provided  can  be  found  at 
www.nwfusion.com,  DocFinder:  4434. 

Being  the  kind-hearted  chaps  that  we 
are,  we  will  summarize  it  for  you: 

First  of  all,  we  begin  by  assuming  you  have 
one  IP  address  allocated  on  your  NIC  and  it 
is  set  to  be  assigned  by  DHCP 

So  far,  so  good.  Now  under  XP  and  Win 
98  you  need  to  fire  up  Regedit  (under  NT 
and  Win  2000  that  will  be  Regedt32). 

Under  Win  98  find  the  root  key 
“HKEY_LOCAL_MACHINE”  and  then  find 
the  subkey: 

\System\CurrentControlSet\Services\Cla 

ss\NetTrans 

Under  all  of  the  other  versions  of 
Windows  look  under  the  root  key 


“HKEY_LOCAL_MACHINE”  for  the  subkey: 

\SYSTEM\CurrentControlSet\Services\T 

cpip\Parameters\Interfaces\ 

Under  these  subkeys  you’ll  find  all  of  the 
NICs  in  your  PC  listed  by  their  COM  Class 
Identifiers  otherwise  known  as  Globally 
Unique  Identifiers  (GUID).For  example: 

(A8BF4  19B-8  185-4  396-B87A- 
2B6345BBC8E3} 

Be  careful  to  correctly  identify  which 
NIC  the  entry  refers  to  —  you’ll  find  multi¬ 
ple  GUIDs  listed  under  each  NIC  in  the 
registry 

When  you’ve  got  the  right  one,  you  need 
to  find  the  key  “IPAddress”  and  double 
click  on  it.  In  the  Edit  Multi-String  dialog 
that  appears,  enter  in  the  Value  Data  field 
each  of  the  static  IP  addresses  you  want  to 
assign  to  the  NIC,  one  value  per  line.  Note 
that  the  first  value  —  for  no  reason  we  can 
fathom  —  must  be  “0.0.0.0”. 

Now  find  the  “SubnetMask”  key  and  edit 
it  exactly  the  same  way  you  did  the 
“IPAddress”  key,  again  making  sure  the  first 
value  is“0.0.0.0”. 

For  these  settings  to  take  effect  under 
Win  98  you  need  to  reboot,  but  for  all 
other  Windows  versions  you  are  supposed 
to  be  able  to  reinitialize  the  connection 
(find  the  entry  under“Start  Menu  I  Settings 
1  Network  Connections”  followed  by  the 


We  plan  to  refer  to 
everyone  who  supplies 
an  answer  to  one  of 
these  wonderfully 
obscure  problems  as 
Special  Investigators. 

connection  you  edited  and  “Disable”  then 
“Enable”). 

For  some  reason  our  desktop  and  note¬ 
book  machines  running  XP  could  not  get 
the  changes  to  work  by  using  disable  then 
enable.  We  had  to  restart  before  the  new 
configurations  became  active. 

The  bottom  line  on  this  registry  tweak  is 
that  it  would  appear  that  simultaneous 
use  of  static  and  DHCP-assigned  IP 
addresses  was  something  that  Windows 
was  supposed  to  be  capable  of  doing  but 
it  was  just  overlooked.  Overlooked  in  all 
versions  of  Windows  from  Win  98  onward. 
How  eccentric  is  that? 

Get  your  Special  Investigator’s  badge  at 
gearhead@gibbs.  com. 


Cool 

Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


It’s  good  to  be  a  mobile  device 


A  recent  IDC  report  says  corporations  are  warming  to 
the  idea  of  converged  mobile  devices  for  their  em¬ 
ployees,  as  they  realize  that  such  devices  can  leverage 
personal  and  corporate  data 
with  more  flexibility  than  desk¬ 
top  and  notebook  computers. 

Improved  interactions  with  cus¬ 
tomers,  better  efficiencies  with 
suppliers  and  even  just  letting 
employees  make  the  most  of 
their  time  away  from  their  desks 
are  some  reasons  that  enterprise 
decision  makers  are  finding  favor 
with  mobile  devices,  IDC  says. 

Because  converged  devices  can 
handle  both  voice  and  data,  compa¬ 
nies  are  trending  toward  converged 
devices  as  opposed  to  something  like  a 
PDA.  IDC  estimates  that  corporations  will 
buy  7.41  million  converged  devices  in 
2008,  up  from  1.5  million  this  year.  Con¬ 
sumer  shipments  of  the  devices  are  even 
more  staggering  —  27.9  million  converged 
devices  in  2008  compared  with  3.3  million 
this  year. 

Some  new  entries  in  the  converged  mobile 


The  Treo  650  now  has  a  removable  battery. 


device  market  were  announced  last  week.  PalmOne 
announced  the  Treo  650  platform,  an  upgrade  of  its  pop¬ 
ular  Treo  600  smart  phone.  Sprint  announced  it  would  be 
the  first  carrier  to  support  the  Treo  650,  with  devices  avail¬ 
able  for  $600  at  the  end  of  this  month.  Sprint  also 
announced  a  new  Pocket  PC-based  device,  the  PPC-6601, 
marketed  by  Audiovox.  The  PPC-6601  is  expected  later 
this  month  for  about  $630. 

The  Treo  650  comes  in  two  flavors:  one  for  a  CDMA  lx  RTT 
network,  and  one  that  supports  the  GSM/General  Packet 
Radio  Service/Enhanced  Data  Rates  for  Global 
Evolution  wireless  networks.  The  Treo  650  fea¬ 
tures  a  high-resolution,  320-by-320  pixel  reso¬ 
lution  color  display  has  a  removable  and 
rechargeable  battery  an  improved  embed¬ 
ded  digital  camera  (palmOne  says  it  works 
better  in  low-light  situations),  and  a  better 
backlit  QWERTY-style  keypad.The  device 
now  stores  its  data  in  non-volatile  Rash 
memory  which  means  users  don’t  lose 
their  data  should  the  power  run  out  on 
the  device  (something  that  has  hap¬ 
pened  with  earlier  handhelds).  The 
device  also  supports  corporate 
e-mail  access  to  Microsoft  Ex¬ 
change  Server  2003  through 
its  VersaMail  software,  palmOne 
says. 

Other  features  include  an 
Intel  xScale  processor  (312 
MHz),  23M  bytes  of  storage 
space,  up  to  five  hours  of 
talk  time,  up  to  300  hours  of 
standby  time,  a  Secure  Digital 


I/O  (SDIO)  card  slot  and 
integrated  Bluetooth. 

The  PPC-6601  by 
Sprint  uses  an  Intel 
xScale  400-MHz 
processor  and 
runs  on  the  Win¬ 
dows  Mobile 
2003  oper¬ 
ating  system 
(the  Treo  650 
runs  on 

Palm  OS 

5.4).  It  offers 
128M  bytes  of 
memory  and  lets 
users  view,  create  and 
edit  documents,  including  those  from 
Microsoft  Excel,  Outlook  and  Word.  The 
PPC-6601  supports  Exchange  ActiveSync  for  over-the-air 
synchronization  of  email  and  calendar  information  with 
Exchange  Server  2003.  The  PPC-6601  also  has  embedded 
Bluetooth  and  a  built-in  SDIO  card  slot,  which  lets  users  add 
additional  storage  or  memory  to  the  device.The  device  has 
a  removable  lithium  ion  battery  that  offers  up  to  3.6  hours 
of  digital  talk  time  and  up  to  six  days  of  standby  time, 
Sprint  says. 

For  the  most  part,  both  devices  have  the  same  lists  of 
features  —  your  final  choice  might  come  down  to  the 
types  of  applications  you  need  to  give  your  employees 
access  to  (and  personal  feelings  toward  one  operating 
system  over  the  other). 


Sprint's  PPC- 
6601  supports 
over-the-air 
synchroniza¬ 
tion  with 
Exchange  2003. 


Shaw  can  be  reached  at  kshaw@nww.com. 


SecureLinx™ 


The  SecureLinx  product  family  is  a  complete  data  center  solution: 

>  SecureLinx  SLC  -  Console  management  (shown) 

>  SecureLinx  SLK  -  Remote  KVM™  over  IP 

>  SecureLinx  SLP- Power  management 


When  you  absolutely  can’t  get  to  your  IT  equipment... 
get  there  anyway.  The  data  center  is  the  lifeblood  of  your 
business.  Even  a  short  period  of  downtime  can  be  a  major 
problem,  so  when  something  does  go  wrong  you  need  to 
be  able  to  address  it  instantly.  With  SecureLinx  SLC,  you 
can  minimize  or  eliminate  downtime  and  keep  your 
business  afloat! 

SecureLinx  SLC  console  managers  from 
Lantronix  give  you  consolidated  access  so 
you  can  control,  diagnose  and  repair 
virtually  everything  in  the  data  center  via  their  serial  ports. 
You  gain  total  out-of-band  management  of  all  your 


Linux,  Unix  or  Windows®  2003  servers  (as  well  as  routers, 
switches,  telecom  equipment  and  building  access  devices). 

And  you  can  access  it  from  anywhere  over  the  Internet  - 
even  if  the  network  is  down  -  with  the  confidence  of  the 
highest  level  of  security  available.  SecureLinx  SLC  features 
SSL  and  SSH  encryption.  Plus,  it’s  the  only 
console  manager  with  a  NIST-certified 
implementation  of  Advanced  Encryption 
Standards*  Best  of  all,  it’s  easier  and  less 
expensive  to  implement  than  you  may  think. 

Don’t  let  your  data  center  ever  go  under! 

Call  Lantronix  today. 


Visit 

www.lantronix.com/info/ad001c/ 

for  your  free  console 
management  white  paper. 


LANTRONIX* 

Network  anything.  Network  everything 

©  Lantronix,  2004.  Lantronix  is  a  registered  trademark,  and  SecureLinx  and  Remote  KVM  are  trademarks  of  Lantronix,  Inc  *As  of  August  2004,  SecureLinx  SLC  is  the  only  ■  .  .  .  v 

console  manager  with  a  NIST-certified  implementation  of  Advanced  Encryption  Standards  as  specified  by  FIPS-197  (Federal  Information  Processing  Standards).  WWW.  1 3  Hi  rOP  IX.CO  fY)  (oOOJ  22~7055 
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John  Dix 

Keeping 
storage  growth 
in  check 

Information  life-cycle  management,  intelligent  storage- 
area  networks  and  virtualization  were  some  of  the  top¬ 
ics  that  dominated  the  thriving  Storage  Networking 
World  conference  in  Orlando  last  week,  which  was  hosted 
by  sister  publication  Computerworld  and  the  Storage  Net¬ 
working  Industry  Association. 

The  2,800-plus  crowd  heard  from  the  CEOs  of  prominent 
vendors  such  as  Hitachi  Data  Systems  and  Brocade 
Communications,  and  users  from  a  range  of  vertical  mar¬ 
kets,  from  healthcare  to  manufacturing  and  retail. 

The  presentations  by  these  buyers  served  to  put  the  whole 
storage  puzzle  in  perspective. The  problem  crested  in  2000 
when  data  was  growing  out  of  control  and  companies  were 
ill-equipped  to  deal  with  it. 

The  data  store  at  Northrop  Grumman,  for  example,  had 
mushroomed  from  5T  to  20T  bytes  in  four  years  and  by 
2000  was  growing  75%  year  over  year,  says  Paul  Seay  chief 
infrastructure  architect. 

“The  amount  of  data  created  compared  to  actual  busi¬ 
ness  growth  was  not  proportional,”  he  says.“In  the  paper 
world  we  used  to  discard  old  information.  We  don’t  do 
that  well  in  the  digital  world.”  So  the  company  put  the 
brakes  on  by  getting  smarter  about  what  it  stored  and 
how  it  stored  it,  and  today  has  slowed  data  growth  to  35% 
per  year. 

That's  still  significant,  Seay  says,  but  it’s  a  sign  of  the  times. 
With  more-sophisticated  users  relying  more  on  smart  appli¬ 
cations,  rich  content  and  email,  he  estimates  each  person 
generates  800M  byte  per  year. 

That’s  nothing  compared  with  requirements  in  the  med¬ 
ical  community  Robert  Cecil,  network  director  for  the  divi¬ 
sions  of  Radiology  and  Cardiology  at  the  Cleveland  Clinic 


opinions! 


Linux  at  the  desktop 

Regarding  “Doing  the  desktop  waddle”  (www.nw 
fusion.com,  DocFinder:  4422):  Linux  will  never  re¬ 
place  Windows  until  programmers  make  their  appli¬ 
cations  generic  enough  that  a  person  can  install 
them  on  most  Linux  flavors  without  having  to  jump 
through  compiles  and  dependency  hoops.  I’ve  given 
up  on  more  than  one  Linux  application  when  I  just 
got  tired  of  trying  to  install  it.  Even  the  big  Unix  plat¬ 
forms  have  easier  installers  than  I  find  in  Linux.  HP- 
UX  and  AIX  have  installers  as  part  of  the  operating 
system  that  most  programmers  use  for  installation, 
rather  than  trying  to  do  brute  source  compiles.  A  big 
breakthrough  would  be  a  generic  Linux  installer  to 
which  programmers  could  write. 

Also,  Linux  documentation  has  a  long  way  to  go. 
I’m  the  first  to  admit  that  many  Windows  help 
screens  are  next  to  worthless,  but  documentation  in 
Linux  still  seems  to  be  as  rare  as  hen’s  teeth. 

Joel  Tompkins 
Boise,  Idaho 

The  story“Doing  the  desktop  waddle”gets  it  wrong. 
Users  don’t  need  a  proliferation  of  competing  desk¬ 
tops;  the  Gnome  and  KDE  user  interfaces  are  more 
than  enough.  What  routine  and  casual  users  want  is 
familiarity  and  consistency  Clicking  an  icon  on  a 
KDE  desktop  is  no  more  difficult  than  clicking  one 
on  a  Windows  XP  desktop. 

The  story  also  neglects  to  mention  the  OpenOffice 
suite.  Because  OpenOffice  is  free,  downloadable  and 
usable  on  Windows  as  well  as  Linux,  it  provides  an 
excellent  way  in  which  to  effect  an  immediate  cost 
reduction  and  take  a  “toe  in  the  water”  approach.  In 
most  instances,  the  .xls,  .doc  and  other  files 
OpenOffice  produces  are  transparently  interchange¬ 
able  between  Windows  and  Linux  users  or  Windows 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01 772. 
Please  include  phone  number  and  address  for  verification. 


and  Windows  users.  Furthermore,  Mozilla  provides  a 
browser  that  is  not  only  better,  but  also  more  secure. 

Companies  such  as  General  Motors  deploy  Open- 
Office  in  some  locations.  Others,  such  as  AT&T,  are 
seriously  considering  replacing  Windows  with  Linux 
(according  to  Bloomberg  News).  I  hope  that  in  the 
future,  you  will  present  a  more  informed  and  bal¬ 
anced  view  of  Linux. 

Antonio  San  Marco 
Los  Angeles 

Out  of  bounds 

In  his  BackSpin  column  “Today’s  menu:  Spam  and 
Wine”  (DocFinder:  4423),  Mark  Gibbs  shows  that  he 
completely  fails  to  understand  the  furor  over  the 
2004  Super  Bowl  halftime  show  and  has  no  inkling 
of  why  CBS  was  fined. 

CBS  was  fined  because  it  purchased  the  rights  to 
broadcast  the  Super  Bowl  and  the  halftime  show, 
and  was  completely  responsible  for  content.The  or¬ 
ganization  that  produced  the  halftime  show,  MTV  is 
owned  by  CBS.The  performers  were  under  contract 
to  CBS.  It’s  only  fair  and  fitting  CBS  was  fined. 

The  Super  Bowl  is  marketed  as  entertainment  and 
was  heavily  promoted  on  CBS.  Such  a  widespread 
marketing  campaign  obviously  includes  pre-teens 
and  adolescents.  If  I  took  my  12-year-old  son  to  a 
strip  club,  the  state  family  services  agency  would  be 
on  me  in  a  heartbeat.  If  a  25-year-old  woman  flashes 
a  10-year-old  boy  the  crime  ^“contributing  to  the  de¬ 
linquency  of  a  minorl’The  halftime  show  was  no  dif¬ 
ferent,  and  both  performers  involved  should  have 
been  charged.  This  was  a  premeditated  act  (what 
else  would  account  for  the  incredibly  Internet- 
searchable  phrase  “wardrobe  malfunction”?). 

1  still  have  a  say  in  what  my  kids  watch.  I  did  not 
have  a  say  in  what  I  had  expected  to  be  a  “family” 
halftime  show  that  ended  as  a  peep  show. 

Gerald  Gosewehr 
Warrenville,  Ill. 


Foundation, says  he  acquires  2T  bytes  of  data  per  week. 
When  mammography  goes  digital  the  average  file  size  will 
be  100M  bytes.  He  estimates  that  by  next  year  the  hospital 
will  be  adding  5T  bytes  per  week. 

Oh,  and  the  data  is  never  deleted.lt  is  critical  for  the  life¬ 
time  of  patients  and  can  be  useful  for  long-term  medical 
trend  analysis. 

All  of  which  helps  explain  why  companies  are  so  inter¬ 
ested  in  ILM,  which  is  broadly  defined  as  a  way  to  class¬ 
ify  information  according  to  its  business  value,  and  uses 
policies  to  move  it  among  tiered  storage  to  optimize  for 
performance  and  cost. 

Seay  from  Northrop  says  ILM  is  90%  policy  and  10%  tech¬ 
nology  “You  need  customers  to  understand  the  value  of 
data  so  they  don’t  argue  with  you  about  how  you  handle  it.” 
That’s  why  Northrop,  in  it’s  ILM  efforts,  is  focused  on  policy 
before  technology 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder:  4421 


—  John  Dix 
Editor  in  chief 
jdix@nww.com 
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Chuck  Yoke 


IIT  he  best  laid  plans  of  mice  and  men 
;lj  often  go  awry  and  leave  us  nothing 
ifl  but  grief  and  pain  instead  of 
promised  jo/Ftoet  Robert  Burns’ words  reflect 
many  IT  managers’  sentiments  regarding  pro¬ 
jects  that  started  strong  but  ended  miserably 
From  over-budget  enterprise  CRM  imple¬ 
mentations  to  costly  distributed  Web  infrastructures  to  highly  touted 
network  technologies  such  as  ATM,  IT  has  had  its  share  of  best  laid 
plans  that  went  awry  The  problem  is  not  that  any  of  the  technologies 
were  overrated.  Rather,  the  problem  is  that  the  planning  process  for 
these  technologies  was  anything  but  best  laid.  Planning  is  not  a  strong 
suit  of  many  IT  organizations. 

During  the  1990s,  there  was  a  glimmer  of  hope  for  strategic  architec¬ 
tural  planning.  Many  organizations  created  in-house  architecture 
groups  that  focused  on  integrated  application,  system  and  network 
planning.  These  groups  were  tasked  with  ensuring  that  the  networks 
being  deployed  facilitated  the  applications  being  developed,  which  in 
turn  were  analyzed  to  ensure  the  correct  systems  were  being  deployed. 
The  entire  process  was  business-driven,  ensuring  the  overall  IT  archi¬ 
tecture  met  business  goals. 

After  the  dot-com  bubble  burst  in  the  early  2000s,  companies  down¬ 
sized  IT  and  disbanded  architecture  groups. The  focus  was  on  point 
solutions  that  met  short-term  operational  needs  —  which  in  itself  was¬ 
n’t  bad.  Unfortunately,  many  IT  managers  associated  point  solutions 
with  “no  planning  needed,”  so  the  IT  planning  process  diminished 
drastically 


The  best  laid  plans 


Lest  anyone  e-mail  me  about  their  company’s  IT  planning  process,  I 
will  admit  that  IT  organizations  still  make  plans.  Strategic  plans  are  still 
written  and  distributed  to  senior  management.  Project  plans  are  abun¬ 
dant  and  very  detailed.  But  what’s  missing  is  the  crucial  planning  that 
occurs  between  strategic  goals  and  project-implementation  plans.This 
is  the  area  I  call  the  “IT  blueprint.”  Strategic  planning  states  where  IT  is 
going. The  IT  blueprints  details  how  IT  gets  there  and  how  everything 
fits  together. 

This  level  of  planning  is  crucial  to  the  success  of  new  technologies. 
Many  companies  have  VoIP  as  a  strategic  goal.  Some  of  these  compa¬ 
nies  have  specific  project  implementation  plans  for VoIPHowever,  with¬ 
out  the  IT  blueprint  showing  where  VoIP  fits  into  the  overall  architec¬ 
ture,  what  applications  will  utilize  it,  what  business  units  will  benefit 
from  it,  what  vendors  will  be  utilized,  how  it  will  interface  with  the  data 
network, and  what  the  overall  financial  implications  are  in  terms  of  tim¬ 
ing  and  deployment, VoIP  will  wind  up  being  another  best  laid  plan  that 
ultimately  goes  awry 

An  IT  blueprint  is  like  the  blueprint  of  a  house.  An  architect  might 
have  a  wonderful  concept, and  each  subcontractor  might  have  his  indi¬ 
vidual  detailed  plans  for  plumbing,  electricity  and  carpentry  but  with¬ 
out  a  blueprint  showing  how  everything  fits  together,  the  house  proba¬ 
bly  will  never  materialize. 

An  IT  infrastructure  built  without  proper  planning  —  whether  from 
mice  or  men  —  is  doomed  to  become  another  plan  gone  awry 


An  IT  infrastruc¬ 
ture  built  without 
proper  planning 
-  whether  from 
mice  or  men  —  is 
doomed  to 
become  another 
plan  gone  awry. 


Yoke  is  director  of  business  solutions  engineering  fora  corporate  net¬ 
work  in  Denver.  He  can  be  reached  at  ckyoke@yahoo.com. 


ABOVE  THE  CLOUD 

James  Kobielus 


iddleware  is  spaghetti  that  just  keeps 
looping  and  layering  new  approaches 
over  old.  The  industry  keeps  ladling 
more  sauce  over  the  mess,  in  terms  of  such 
nebulous  nomenclature  as  enterprise  appli¬ 
cation  integration, enterprise  information  inte¬ 
gration,  business  process  management  and 
message-oriented  middleware. 

The  latest  ingredient  in  the  middleware  recipe  is  the  buzzphrase  en¬ 
terprise  service  bus  (ESB).ESB  has  become  primarily  a  marketing  lure, 
promising  simple, speedy standards-based  multipoint  integration.  Crack 
open  most  middleware  vendors’  literature  these  days  and  you’ll  find 
grandiose  discourses  on  ESB  that  blur  the  boundaries  between  this 
approach  and  older  paradigms. 

If  ESB  has  any  substance,  it’s  primarily  as  the  latest  approach  for  reli¬ 
able,  guaranteed  messaging.  ESB  middleware  products  leverage  Web 
services  standards  and  interface  with  established  reliable-messaging 
MOM  protocols  such  as  IBM’s  WebSphere  MQ.Tibco’s  Rendezvous  and 
Sonic  Software’s  SonicMQ.  Common  features  of  ESB  products  include 
the  ability  to  bridge  heterogeneous  MOMs,  wrap  MOM  protocols  with 
Web  Services  Description  Language  interfaces  and  tunnel  Simple 
Object  Application  Protocol  (SOAP)  traffic  over  MOM  transports.  Most 
ESB  products  support  direct,  peer-to-peer  interactions  among  distrib¬ 
uted  applications  through  intermediaries  such  as  integration  brokers. 

Vendors  differ  in  their  ESB  support,  but  it’s  clear  the  market  category 
is  broad  enough  to  encompass  traditional  MOM  vendors,  plus  middle¬ 
ware  companies  such  as  Cape  Clear,  Fiorano,  IONA,  Fblar  Lake,  See- 
Beyond,  SpiritSoft,  Systinet  and  Vitria.  Any  company  that  offers  a  Java 
Message  Service  MOM  provider  or  supports  JMS  APIs  could  position 
itself  as  an  ESB  vendor.  Any  vendor  that  implements  the  emerging  Web 
Services  ReliableMessaging  (WS-RM)  specification  also  can  claim  to 
provide  ESB  tools. 

Of  course,  no  ESB  vendor  would  be  content  to  offer  just  a  reliable 


New  buzzword,  same  old  mess 


pipe.  So  vendors  throw  everything  into  their  ESB  crockpots  and  stir  vig¬ 
orously  MOM,  enterprise  application  integration, business  process  man¬ 
agement,  integration  brokers,  orchestration,  data  transformation,  pub¬ 
lish  and  subscribe,  event  notification,  content-based  routing,  transac¬ 
tions  —  they’re  all  ESB  (or  so  the  vendors  say). 

Enterprise  IT  professionals  need  integration  products  that  are  easy  to 
install,  configure,  administer  and  manage. They  need  middleware  that 
supports  robust,  standards-based,  any-to-any  integration.  They  need  to 
address  new  integration  requirements  inexpensively  and  quickly  rather 
than  in  multi-year,  high-risk,  budget-busting  megaprojects. 

Can  today’s  ESB  products  deliver  all  that?  Hardly  The  problem  is  not 
so  much  with  today’s  products  as  with  the  plethora  of  middleware  pro¬ 
ducts,  protocols  and  approaches  that  have  taken  root  in  many  compa¬ 
nies.  Organizations  have  invested  far  too  much  money  on  middleware, 
and  on  integrating  applications  via  legacy  middleware,  to  throw  it  all 
out  overnight  and  start  anew.  Most  real-world  integration  environments 
feature  middleware  products  from  several  vendors.  Many  of  these  were 
implemented  in  the  context  of  particular  tactical  projects,  or  to  inte¬ 
grate  a  specific  set  of  applications,  platforms  and  protocols. 

Consequently,  there  is  no  single  enterprise-wide  “bus”  in  most  compa¬ 
nies,  and  such  a  bus  is  not  likely  to  emerge  any  time  soon.  No  ESB  prod¬ 
uct  can  provide  a  singlebullet  solution  to  the  dizzying  range  of  inte 
gration  requirements. The  best  that  most  organizations  can  do  is  layer 
standards-based  integration  environments  over  the  stubborn  hetero¬ 
geneities  of  older  environments. 

The  term  ESB  is  just  a  catchall  phrase  referring  to  the  convergence  of 
MOMs  and  SOAP-based  Web  services.  We  shouldn’t  attribute  more 
meaning  to  the  term  than  it  deserves.  It’s  just  an  approach  for  connect¬ 
ing  the  middleware  meatballs  on  our  collective  plates. 


No  ESB  product 
can  provide  a 
single-bullet  solu¬ 
tion  to  the  dizzy¬ 
ing  range  of 
integration 
requirements. 


Kobielus  is  a  senior  analyst  with  Burton  Group,  an  IT  advisory  service 
that  provides  in-depth  technology  analysis  for  network  planners.  He  can 
be  reached  at  (703)  924-6224  or  jkobielus@burtongroup.com. 
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Meet  your  new  assistant. 


Introducing  the  EtherScope™  Network 
Assistant  -  your  eyes  into  the  network 
to  help  you  spot  problems  and  solve 
them  faster  than  ever.  You  don't  have 
time  for  trial  and  error.  Or  methods  that 
only  provide  part  of  the  picture.  That's 
why  Fluke  Networks'  new  EtherScope 
analyzer,  with  its  immediate  discovery  and 
fast  diagnostics,  helps  you  quickly  isolate 
urgent  problems  on  your  gigabit  network 
as  well  as  those  nagging  issues  that  may 
be  keeping  it  from  performing  at  optimum 
level.  Fast.  Accurate.  EtherScope.  So  you'll 
have  more  time  to  get  to  the  several 
dozen  items  on  your  "to  do"  list.  Visit  our 
web  site  and  check  out  the  virtual  demo. 
Then  request  a  test  drive  in  your  office  - 
on  your  network.  Decide  for  yourself 
whether  or  not  EtherScope  Network 
Assistant  will  be  your  next  new  hire. 
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EtherScope  m 
Network  Assistant 


Your  network  assistant  is  waiting 
to  show  you  what  it  can  do  to  help 
make  your  job  easier.  Just  go  to 

and  take  a  tour  of  the  virtual  demo. 
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of  advanced  technology,  industry  collaboration, 
consumer  education,  effective  legislation  and 
targeted  enforcement  against  illegal  spammers 
to  significantly  reduce  and  solve  the  spam  and 
phishing  problems.” 


SPAM,  PHISHING  AND  OTHER 
ABUSES  ARE  THREATENING 
TO  UNDERMINE  CONFIDENCI 
IN  THE  INTERNET.  WHAT 
WILL  IT  TAKE  TO  /  , 

SOLVE  THE  CRISIS  'j*. 
BEFORE  IT’S 
TOO  LATE? 


'tiiin  ■  *r.  t.r  it 


—  GEORGE  WEBB,  business  manager  for  the  anti¬ 
spam  technology  and  strategy  group  at  Microsoft 


“WE'VE  SAID  ALL  ALONG  with  CAN-SPAM 
that  legislation  isn't  going  to  solve  the  problem 
all  by  itself.  It's  going  to  take  a  mix  of  both  [leg 
islation  and  technology]  to  adequately  solve  it.” 

—  MICHAEL  GOODMAN,  staff  attorney,  Federal 
Trade  Commission 


“WE  WILL  NEVER  COMPLETELY  ELIMINATE 

[e-mail  abuses],  but  technology  can  push  the 
economic  wall  far  enough  so  that  it  isn't  prof¬ 
itable  to  do  this  anymore.” 

—  GREG  OLSON,  founder  and  chairman,  Seiiduiffjtf 
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-mail  is  arguably  the  most  pervasive  application  on  the  Internet,  but  its  under 
attack  by  an  onslaught  of  abuses  that  are  eroding  its  usefulness.  If  not  reined  in 
soon,  these  threats  could  change  the  nature  of  the  Internet  as  we  know  it. 


Problems  plaguing  e-mail  and  the  Internet  in 
general  have  hit  epidemic  proportions.  Few  users 
have  escaped  the  insidious  nature  of  spam,  and 
more  are  falling  victim  to  phishing,  a  growing 
form  of  online  identity  theft.  Viruses  often  carry 
malicious  code  able  to  turn  an  unsuspecting 
user’s  PC  into  a  “zombie”  that,  when  summoned, 
becomes  a  spam-blasting  mail  server. 

These  aren’t  problems  that  a  new  version  of 
Microsoft  Exchange  or  some  additional  disk 
space  can  fix. The  Internet  community  is  hard  at 
work  developing  technology  responses  to  these 
threats,  while  U.S.  regulators  seek  to  use  the  few 
legislative  tools  they’ve  been  given  to  crack  down 
on  e-mail  crime.  Unwanted  e-mail  has  become 
such  a  global  headache  that  international  orga¬ 
nizations  are  spearheading  efforts  toward  multi¬ 
national  anti-spam  laws  and  regulatory  bodies. 

“We  see  what  is  at  stake  is  no  less  than  the  pro¬ 
tection  and  preservation  of  the  Internet  as  we 
know  it,”  says  Robert  Shaw,  Internet  strategy  and 
policy  adviser  with  the  International  Telecom¬ 
munications  Union. 

Yet  all  these  interested  parties  agree  that  there  is 
no  practical  cure  to  e-mail  abuse,  there’s  only  con¬ 
tainment. 

Communications  crisis 

Statistics  tell  the  story  of  a  problem  that  isn’t 
about  to  go  away'iTie  ITU  estimates  that  spam 
makes  up  about  80%  of  all  e-mail  sent  across  the 
Internet  and  costs  the  global  economy  $25  billion 
annually  In  July  alone,  1,974  unique  phishing 
attacks  were  reported,  according  to  the  Anti- 
Phishing  Working  Group  (see  graphic  for  more 
statistics,  page  50). 

Worse  yet,  no  one  knows  what’s  lurking  around 
the  corner.  Spammers  have  notoriously  been  able 
to  stay  one  step  ahead  of  technology  and  in  their 
wake  have  created  an  entire  industry  of  spam  fil¬ 
tering  vendors  that  scramble  to  keep  up  with  the 


latest  tricks.  Phishers  create  e-mails  and  Web  sites 
that  are  practically  identical  to  those  they’re 
spoofing,  luring  even  savvy  computer  users  into 
identity  theft  traps.  The  viruses  that  are  turning 
computers  into  spam-sending  zombies  damage 
an  innocent  user’s  reputation  and  make  it  impos¬ 
sible  to  determine  the  real  source  of 
the  e-mail. 

In  the  world  of  e-mail,  the  abusers 
are  calling  the  shots,  and  the  tech¬ 
nology  industry  is  being  led  around 
by  the  nose. 

“If  you  talk  to  people  who  use  e- 
mail,  certainly  within  the  consumer 
ranks,  they’re  saying  it’s  too  much 
trouble  now,  there’s  too  much  junk,  and  it’s  just  too 
dangerous,”  says  Greg  Olson,  founder  and  chair¬ 
man  of  e-mail  software  maker  Sendmail.  “The 
whole  thing  is  in  jeopardy’ 

Yet  few  would  go  so  far  as  to  say  e-mail  will 
cease  to  be  a  popular  communication  mecha¬ 
nism.  Not  only  have  businesses  invested  too 
much  time  and  money  in  building  their  messag¬ 
ing  infrastructures  and  online  customer  relation 
strategies,  but  e-mail  has  become  ingrained  in 
Americans’  work  and  lifestyles. 

“We’ve  built  such  a  tremendous  dependency  on 
e-mail,  I  don’t  think  we’re  in  a  position  where  we’ll 
go  back  and  say  ‘I’m  going  to  start  calling  people 
or  writing  letters  again’”  says  Howard  Schmidt, 
chief  information  security  officer  at  eBay  and  for¬ 
mer  White  House  special  adviser  for  cybersecuri- 
ty“As  we  look  at  the  evolution  of  technology  we’ve 
overcome  things  and  moved  forward;  this  is  just 
another  thing  to  overcome.” 

Still, the  days  of  sending  and  receiving  messages 
without  risk  or  nuisance  appear  to  be  gone. 

Stopping  spam 

The  only  way  to  rid  the  world  of  spam  is  to 
make  sending  it  not  economically  viable.  The 
overhead  associated  with  blasting  spam  across 
the  Internet  is  so  low  that  spammers  require  only 
the  narrowest  response  rate  to  make  money  If  e- 
mail  users  ceased  responding  to  myriad  offers  to 
refinance  their  mortgages  or  buy  prescription 
drugs,  spammers  would  stop  sending  them. 

Short  of  making  sending  unsolicited  commer¬ 
cial  e-mail  illegal  —  which  Controlling  the 
Assault  of  Non-Solicited  Pornography  and 
Marketing  Act  (CAN-SPAM)  does,  but  only  under 
specific  circumstances  —  there  appears  to  be  no 
way  to  stop  spam. 

Clamping  down  on  phishing,  a  more  serious 
abuse  that  is  considered  a  form  of  fraud  and 
therefore  a  federal  offense,  means  having  to  find 
the  offenders  and  quantify  the  damages  to  their 
victims  —  something  federal  agencies  have 
found  challenging.  Meanwhile,  the  Federal  Trade 
Commission  reports  that  identity  theft  continues 
to  grow;  the  agency  received  214,905  complaints 
in  2003,  up  from  86,212  in  2001. 

With  eradication  of  e-mail  abuse  an  unob¬ 
tainable  goal,  technology  companies,  industry 
associations,  lawmakers  and  even  international 


“TECHNOLOGY  DOES  HAVE  A 

R0  [in  alleviating  abuses],  but  it’s 
not  efficient  to  solve  a  problem  solely 
with  technology. . . .  User  education  does¬ 
n't  hurt,  but  it  doesn't  always  work.” 

-  VINT  CERF,  senior  vice  president  of 
technology  strategy,  MCI 


bodies  such  as  the  U.N.  have  set  their  sights  on 
making  e-mail’s  problems  less  severe. 

While  opinions  differ  on  the  best  way  to  cut 
down  on  abuse,  everyone  seems  to  agree  it  will 
take  a  combination  of  new  technology, strong  leg¬ 
islation  with  serious  consequences,  vigorous  law 
enforcement,  end-user  education  and  interna¬ 
tional  coordination  to  fight  the  problem. 

Technical  tactics 

On  the  technology  front,  the  industry  seems  to 
be  coalescing  around  the  idea  of  adding  sender 
authentication  to  e-mail,  letting  recipients  veri¬ 
fy  the  source  of  a  message  (see  “Sender  authen¬ 
tication  hits  roadblocks,”  page  50).  By  verifying 
a  message’s  sender  (or  in  the  case  of  the  most 
popular  proposals,  the  domain  from  which  a 
message  was  sent),  such  technology  would 
close  the  loophole  left  open  by  SMTP  that 
allows  Internet  mail  to  be  anonymous. 

The  Internet  wasn’t  originally  designed  with 
sender  authentication  in  mind  because  no  one 
predicted  the  need  for  such  a  safeguard.”  When  I 
took  the  [Internet]  project  over  at  DARPA  in  ’76, 
the  system  didn’t  have  a  specific  authenticator  for 
every  message. ...  We  were  assuming  the  [user] 
community  was  trustable.  Now  we  know  that’s  not 
true,”  says  Vint  Cerf,  senior  vice  president  of  tech¬ 
nology  strategy  at  MCI,  who  is  widely  acknowl¬ 
edged  as  one  of  the  inventors  of  the  Internet. 

Some  purists  say  that  adding  authentication 
changes  the  essence  of  Internet,  which  has  been 
lauded  for  allowing  a  free  flow  of  communica¬ 
tion  that  transcends  economical,  geographical 
and  cultural  barriers. 

But  most  observers  take  a  more  pragmatic  view 
—  with  so  many  people  using  the  Internet  and  so 
much  money  to  be  made  exploiting  it, some  form 
of  accountability  was  bound  to  be  necessary 

“It’s  inevitable  that  when  you  have  this  kind  of 
wide  deployment  [of  the  Internet]  you  have  to 
encounter  issues  like  this,”  says  Sanjay  Fbl  [stet], 
vice  president  of  the  anti-spam  initiative  at 
Cisco.“lt’s  a  shame,  but  it’s  also  inevitable.” 
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“LEGISLATION  IS  A 
FUNDAMENTAL  PART 
of  any  country's 
anti-spam  approach.” 

-  ROBERT  SHAW, 

Internet  strategy  Jk 
t  and  policy  M 

adviser,  ITU 


Legislative  efforts 

Until  spammers  can  be  identified,  the  only  federal  law 
passed  to  help  fight  spam  remains  largely  useless.  CAN- 
SPAM,  which  went  into  effect  Jan.  l,has  done  little  to  stop 
unwanted  messages,  in  part  because  it  requires  enforcers 
to  be  able  to  find  violators.  That  is  a  tricky  task  on  the 
Internet  where  senders  easily  can  masquerade  as  some¬ 
one  they’re  not  and  where  a  large  percentage  of  spam 
originates  from  overseas,  outside  the  scope  of  the  law. 

“That’s  probably  been  the  primary  problem  [in  fighting 
spam], being  able  to  find  the  people” sending  it, says  FTC 
staff  attorney  Michael  Goodman.  “For  e-mail  without 

authentication,  it’s  too  easy  for  spam-  _ _ 

mers  to  violate  the  law  without  being 
detected.” 

Before  creating  a  “Do  Not  E-mail”  reg¬ 
istry,  much  like  the  “Do  Not  Call”  list  that 
prevents  telemarketers  from  dialing 
members’  numbers,  the  FTC  will  wait  for 
sender  authentication  to  take  hold, 

Goodman  says.  The  agency  is  hosting  a 
conference  next  week  to  examine  the 
different  sender  authentication  propos¬ 
als  and  ensure  “the  whole  spectrum  of 
interests  are  represented,  not  just  the  big 
players,”  he  says. 

The  goal  of  CAN-SPAM  was  not  to  cut 
down  on  the  amount  of  unwanted  mes¬ 
sages  hitting  in-boxes,  Goodman  adds. 

Instead,  its  endorsement  of  the  opt-out 
approach  —  preventing  marketers  from 
sending  e-mail  to  recipients  who  have 
asked  to  cease  receiving  it  —  only  makes 
sending  spam  illegal  when  marketers  vio¬ 
late  that  agreement.  “With  opt  out,  you  can  say ‘1 
don’t  want  to  hear  from  you,’  but  the  law  doesn’t 
have  a  lot  of  tools  to  reduce  the  volume  of  spam,”  Goodman 
says. “That’s  where  technology  has  the  biggest  role  to  play’ 

With  phishing  incidents  on  the  rise,  there  has  been  some 
movement  in  Congress  to  address  this  form  of  online  iden¬ 
tity  theft.  In  July  Sen.  Patrick  Leahy  (D-Vt.)  introduced  the 
Anti-phishing  Act  of  2004,  designed  to  make  phishing  a  fed¬ 
eral  crime  that  could  put  offenders  away  for  up  to  five  years. 
Current  law  states  phishing  is  a  crime  only  after  someone 
has  been  defrauded,  while  Leahy’s  bill  would  outlaw 
attempting  to  deceive  e-mail  users. 

Of  course,  federal  laws  have  no  effect  on  spammers  and 
phishers  bombarding  in-boxes  from  overseas.  In  the  past 
few  months,  international  bodies  have  highlighted  the  grow¬ 
ing  problem  of  international  abuse,  and  a  few  proposals  for 
action  have  emerged. 


International  involvement 

In  July  the  ITU  hosted  a  conference  where  Internet  reg¬ 
ulators  from  60  countries  met  to  discuss  the  need  for  reg¬ 
ulation  and  technology  to  control  e-mail  abuse.The  result 
was  a  call  to  all  governments  to  pass  anti-spam  laws  — 
currently  only  30  countries  have  done  so  —  and  appoint 
regulators  who  specifically  deal  with  unwanted  e-mail. 
With  more  countries  passing  anti-spam  laws,  an  interna¬ 
tional  memorandum  of  understanding  could  be  devel¬ 
oped  that  might  lead  to  cross-border  law  enforcement. 
The  group  realizes  that,  with  a  few  exceptions,  anti-spam 
laws  have  not  been  terribly  effective,  according  to  Shaw, 
and  plans  to  share  experiences  from  dif¬ 
ferent  countries  to  determine  what 
works  and  what  doesn’t. 

As  is  to  be  expected  from  any  interna¬ 
tional  organization,  the  effects  of  this  ini¬ 
tiative  won’t  happen  overnight.  A  report 
summarizing  the  working  group  on 
spam’s  recommendations  won’t  be 
released  until  November  2005. 

In  August,  the  Organization  for 
Economic  Cooperation  and  Develop¬ 
ment  (OECD)  established  a  task  force  to 
monitor  anti-spam  initiatives  by  its  30 
member  governments  and  study  related 
strategies.  The  study  will  be  conducted 
over  a  two-year  period  before  the  group 
suggests  best  practices  and  public 
awareness  campaigns. 

And  last  month,  the  FTC  announced  its 
Action  Plan  on  Spam  Enforcement, 
signed  with  agencies  from  15  countries. 
The  plan,  which  the  FTC  says  builds  on 
similar  efforts  by  the  ITU,  the  OECD  and  others, 
calls  for  the  creation  of  an  international  working 
group  on  spam,  as  well  as  increased  investigative  training 
and  establishing  points  of  contacts  for  each  country  to 
respond  quickly  to  enforcement  inquiries. 

While  e-mail  abuses  no  doubt  will  get  worse  before  they 
get  better,  some  people  are  heartened  by  the  coordination 
within  the  industry  and  among  lawmakers  and  internation¬ 
al  groups. 

“The  bottom  line  is  that  this  is  a  global  problem  that  affects 
consumers  and  business  users  worldwide,  and  it  is  going  to 
take  collaboration  by  everyone  —  leaders  in  the  technology 
and  other  vital  industries,  governments  and  even  users  —  to 
solve  this  issue,” says  George  Webb,  business  manager  for  the 
anti-spam  technology  and  strategy  group  at  Microsoft.  “The 
solution  won’t  appear  overnight,  but  collectively  we  are  mak¬ 
ing  great  strides.”* 
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Abuse  by  the  numbers 

Statistics  tel!  the  story  about  spam  and  phishing. 


Total  worldwide  e-mail  messages 
per  day  (in  billions) 

200  - 


The  cost  of  spam  per  corporate  user 
in-box,  per  year,  fora  10,000-employee 
organization  (in  dollars) 

300  - 


IS  Percentage 

(191) 

of  spam 

250  - ( $257 1 

200 
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There  are  about 

578  million  e-mail 
users  in  the  world, 

and  762  million  expected 
by  the  end  of  2008. 

SOURCE:  THE  RAD  I  CAT  I  GROUP 


1  u.s. 

2  South  Korea 

3  China 

4  Brazil 

spanvproducing  _ 

countries  Jj  Canada  and  Japan  (tie) 

SOURCE:  SOPHOS,  AUGUST  2004 


Sender  authentication 
hits  roadblocks 

Sender  authentication  won’t  completely  rid 
e-mail  in-boxes  of  spam  and  phishing.  Yet 
technology  has  emerged  as  a  useful  tool  in 
fighting  e-mail  abuses  by  giving  recipients  some 
clue  as  to  who  is  sending  them  messages. 

Many  sender  authentication  proposals  are 
being  developed,  including  DomainKeys,  an 
authentication  technology  that  uses  cryptogra¬ 
phy  from  Yahoo,  and  Identified  Internet  Mail 
from  Cisco  that  uses  attached  signatures.  The 
most  popular  proposal  is  Microsoft’s  Sender  ID, 
a  combination  of  the  company's  original  Caller 
ID  technology  and  Sender  Framework  Policy, 
developed  by  Meng  Weng  Wong  of  Pobox.com. 

In  June,  Sender  ID  was  submitted  to  the  IETF 
for  consideration  as  a  standard  by  the  organi¬ 
zation’s  MTA  Authorization  Records  in  DNS 
(MARID)  working  group. 

But  with  the  lETF’s  response  in  September 
that  Microsoft  rework  its  proposal  to  address 
concerns  over  the  technology’s  licensing  struc¬ 
ture,  and  the  subsequent  dismantling  of  the 
MARID  group  because  of  technology  disagree¬ 
ments  among  members  regarding  SenderlD, 
implementation  might  be  severely  delayed.  Last 
week  Microsoft  submitted  a  revised  version  of 
Sender  ID  to  the  IETF  with  hopes  that  the 
changes  it  made  will  satisfy  critics. 

Sender  ID  requires  organizations  to  publish  a 
list  of  their  e-mail  servers  that  recipients  can 
use  to  validate  the  domain  from  which  a  mes¬ 
sage  originates. 

Supporters  say  sender  authentication  will 
help  fight  phishing  because  senders  will  no 
longer  be  able  to  make  their  e-mails  look  like 
they’ve  been  sent  by  a  valid  company.  These 
proposals  won't  directly  curtail  spam  because 
plenty  of  spammers  don’t  hide  their  identity  to 
begin  with,  but  some  say  they  will  enable  a  new 
approach  to  filtering  unwanted  messages. 

“Sender  authentication  doesn't  cure  spam, 
but  it  gives  us  some  important  new  clues  in 
controlling  our  mail.  Once  you  know  mail  is 
legitimate  ...  it  makes  sense  to  shift 
the  strategy  away  from  the  current 
mail  filters  that  [weed]  out  the  bad 
stuff  and  switch  to  where  we  filter  in 
the  good  stuff,"  says  Greg  Olson, 
founder  and  chairman  of  e-mail  soft¬ 
ware  maker  Sendmail. 

But  others  question  the  effectiveness 
of  authenticating  a  sender's  identity. 

“Very  little  of  the  spam  I  receive  has 
an  identity  that  is  useful  in  making  its 
way  in,”  says  Steven  Bellovin,  AT&T  Fellow  and 
security  area  director  for  the  IETF.  As  for 
phishing,  sender  authentication  might  prevent 
spoofed  e-mail,  but  that  alone  won't  put  an  end 
to  the  scams.  “Sure,  [sender  authentication] 
might  prevent  [spoofing]  e-mail  from 
citibank.com,  but  it  won't  prevent  clever  phish¬ 
ers  from  creating  ecitibank.com  or 
citl  bank.com,  or  a  thousand  other  variations,” 
Bellovin  adds. 

—  Cara  Garretson 


SOURCE:  THE  R ADICATI  GROUP 
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Introducing  three  major  threats 
to  your  network  right  now 


the 

the 

and 

spammer, 

hacker, 

-  v:.:  -  ' 

. 

someone 
like  Larry. 

The  typical  office  worker  spends  1  week  a  year  sifting  through  spam.  The  average  server  down¬ 
time  after  virus  infection  is  17  hours.*  It’ll  only  take  Larry  10  seconds  to  declare  his  love  to  Barb 
in  accounting — and  the  13,000  contacts  in  your  customer  database. 

At  Sophos  we  know  the  causes  and  not-so-funny  consequences  of  bad  email.  More  importantly,  we 
know  how  to  stop  them.  Sophos  PureMessage  is  serious  anti-spam,  anti-virus,  anti-fraud  and 
anti-blunder  protection.  It’s  a  proven,  policy-based  solution  that  integrates  leading  technologies 
for  the  widest  coverage  and  the  strongest  defense.  If  you’re  evaluating  email  gateway  protection, 
Sophos  should  be  on  your  list.  Just  ask  our  25  million  users  around  the  world.  And  Larry. 

Download  free  white  paper,  “The  Spam  Economy:  The  Convergent  Spam  and  Virus  Threats” 
at  www.sophos.com/nww. 


SOPHOS 

WWW.SOPHOS.COM 


Sophos  PureMessage.  COMPLETE  EMAIL  GATEWAY  PROTECTION  FOR  YOUR  BUSINESS.  ., 


*  According  to  an  !DC  study,  “Average  Productivity  Cost  of  Spam  and  Savings  of  Anti-Spam  Solutions  for  Average  Firms  with  5 ,000 
Email  Users,”  and  ICSA  Labs'  “9th  Annual  Computer  Virus  Prevalence  Survey." 


Middleware  is  Everywhere 


Can  you  see  it? 
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Middleware 

Key 

MIDDLEWARE  IS  IBM  SOFTWARE.  And  with  IBM  Express 

Middleware  it’s  now  even  more  accessible  than  ever  for 
mid-sized  businesses.  It’s  nimble.  It’s  quick.  It’s  engineered 
to  work  with  your  current  IT  investments.  It’s  tailored  to 
meet  the  needs  of  your  specific  industry.  And  you  don’t 
need  a  Ph.D.  to  install  it.  All  that,  and  it’s  priced  to  put  a  big 
smile  on  Accounting’s  face. That’s  ON  DEMAND  BUSINESS. 

1.  Owners  know  customers’  preferences. 

2.  Branches  know  each  others’  inventory. 

3.  Employees  know  distributors’  stock. 

4.  No  seasonal  inventory  wasted. 

5.  Profits  bloom  dramatically. 

See  how  IBM  and  its  Business  Partners  help  companies  win  with  IBM  Express  at  ibm.com/middleware/express 

IBM  and  the  IBM  logoa^re^l8teredi5SS^?^^j^gJ^^lnternai^)l^Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  2004'lBM  Corpprajioa 
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CIOs  gather  at  1 
Dartmouth  College 
to  share  ideas  on 
enterprise  security. 


■  BY  JOEL  SHORE 

Can  security  be  a  competitive  advantage?  Are  security  and  privacy  at  odds 
with  speed  and  collaboration?  How  has  Sarbanes-Oxley  complicated  the 
security  challenge?  And  how  do  you  balance  risk  and  security? 


Those  are  just  some  of  the  pressing  questions  23  promi¬ 
nent  IT  executives  and  academics  addressed  at  a  recent 
daylong  executive  roundtable  at  Dartmouth  College  in 
Hanover,  N.H. 

The  Thought  Leadership  Summit  on  Digital  Strategies  is 
an  ongoing  series  of  discussions  for  Fortune  500  CIOs  and 
vice  presidents  focused  on  the  business  issues  they  face 
and  the  enabling  role  of  IT.The  summit  was  co-founded  by 
the  Center  for  Digital  Strategies  at  Dartmouth’s  Tuck 
School  of  Business  and  Cisco. Network  World  President 
and  Editorial  Director  John  Gallant  moderated  the  event. 


Participants  represented  some  of  the  largest  and  most 
well-known  companies  in  the  U.S.,  including  Fidelity, 
Staples,  Citigroup,  Owens-Coming,  IBM,  General  Motors, 
Hasbro  and  Cisco.  On  the  academic  side.  Harvard 
Business  School,  Bentley  College,  Dartmouth  College  and 
the  Tuck  School  were  represented. 

The  executives  shared  with  peers  their  security  fears, 
goals,  frustrations  and  challenges.The  many  challenges 
include  protecting  the  network  against  internal  and  ex¬ 
ternal  attacks,  educating  and  training  employees  on  secu¬ 
rity  obtaining  adequate  funding  from  the  CEO  and  board 


of  directors,  complying  with  new  federal  regulations,  and 
making  sure  they  don’t  impede  the  company’s  business 
units.  w. 

“I  never  want  to  be  in  a  position  that  the  business 
wants  to  do  something  and  I’m  constraining  it,”  said  Max 
Ward,  vice  president  of  technology  at  Staples. 

There  was  widespread  agreement  on  that  point,  but  sev¬ 
eral  participants  noted  that  sometimes  they  can’t  avoid 
it.  IT  staffers  are  often  so  busy  putting  out  fires,  fighting 
viruses  and  applying  patches  that  they  don’t  have  time  to 
think  about  ways  to  make  the  business  function  better. 

The  issue  becomes  even  more  complex  when  you’re 
talking  about  the  extended  enterprise.“As  we  extend  the 
enterprise  out  to  the  suppliers,  having  to  deal  with  secur¬ 
ity  and  validating  that  this  guy  is  trusted  . . .  it’s  slowing 
that  process  down,  but  we  have  to  do  it.There’s  no  way 
around  it,” said  Doug  Schwinn  of  Hasbro. 

John  Moore  of  IBM  concurred. “You  really  want  to  be 
able  to  tie  two  networks  together  to  have  that  free  flow 

See  Security,  page  56 


Ken  Rathgeber  of  Fidelity 
Management  and  Research, 
makes  a  point  about  enterpris 
security,  while  John  Cianci,  cei 
ter,  vice-president  of  global  IT 
infrastructure  at  IBM,  and 
Robert  Austin,  right,  assistant 
professor  at  the  Harvard 
Business  School,  listen  intent^ 
during  a  summit  on  digital 
strategies  at  Dartmouth  Golief 
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Spam  and  virus  protection  at  an  affordable  price. 


•  No  per  user  license  fees 

•  Prices  starting  at  $1399 

•  Powerful,  enterprise-class  solution 


©Copyright  2004,  Barracuda  Networks.  Inc.  All  rights  reserved.  Reclaim  Your  Email, and  Barracuda  Spam  Firewall  are  either 
trademarks  or  registered  trademarks  of  Barracuda  Networks,  Inc.  and/or  it  subsidiares  in  the  United  States  and/or  other  countries. 


uda  Spam  Firewall 


Order  a  free  evaluation  unit  at 
www.barracudanetworks.com 


Aggressive  Reseller  Program 

POWERFUL  EASY  TO  USE  AFFORDABLE  Get  more  info  by  visiting  www.barracudanetworks.com/ISPCON 

or  by  calling  1-888-ANTi-SPAM  or  408-342-5400 
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Scott  Day,  global  information 
protection  manager  at  Cargill, 
left,  and  M.  Eric  Johnson, 
director  of  the  Center  for 
Digital  Strategies  at 
Dartmouth's  Tuck  School  of 
Business,  discuss  security 
issues  during  the  conference. 


look  at  a  manufacturing  facility, you  try  to  understand 
the  probability  of  a  failure  and  the  impact  of  that  fail¬ 
ure.  Looking  at  those  two  factors,  you  make  decisions 
about  how  much  you’re  willing  to  invest,”  he  said. 

Regulatory  concerns 

Federal  regulations,  particularly  the  Sarbanes-Oxley 
Act,  are  a  major  headache,  according  to  the  IT  leaders. 
They  said  they  were  especially  bothered  by  the  lack  of 
predictability  and  uniformity  in  terms  of  what  is  re 
quired  to  meet  the  regulations  and  in  how  those  regula¬ 
tions  are  interpreted  by  auditors. 

Hasbro’s  Schwinn  described  the  process  as  onerous 
and  complained  that  it’s  difficult  to  get  a  clear  under¬ 
standing  of  what  the  law  requires.The  goal  line  keeps 
changing,”  he  said. 

Staples’ Ward  put  it  this  way:“It’s  like  nailing  Jell-0  to 
the  wall. The  nature  of  that  legislation  is  that  it  lends 
itself  to  people  panicking  and  probably  doing  too 
much  and  still  not  knowing  if  they  are  going  to  be 
compliant.  And  it’s  probably  going  to  change  over  time. 
Whatever  you  get  audited  this  year,  it’s  going  to  be  dif¬ 
ferent  next  year.” 

“We  use  different”  auditors,  Cisco’s  Boston  said.“One  to 
tell  us  how  to  do  it,  and  the  other  to  test  it  to  do  it  right.” 

Schwinn  added, “Every  auditor  looks  at  it  differently 
too.  1  actually  had  one  level  of  review  the  other  day  We 
were  reviewing  disaster-recovery  components,  and  we 
had  our  plan.  We  had  documented  that  we  did  the  test 
but  then  the  auditor  says, ‘Prove  to  me  that  the  docu¬ 
ment  is  authentic.’  How  do  we  do  that?” 

Boston  argued  that  while  recent  financial  scandals 
spurred  these  regulations, “none  of  these  controls  will 
prevent  Enron  or  the  next  WorldCom  because  it  has 
nothing  to  do  with  what  happened.” 

International  regulations  with  regard  to  security  and 
privacy  add  another  level  of  complexity  IBM’s  Cianci 
said  Italian  privacy  laws  require  customers  to  opt  in 
before  a  company  can  send  them  e-mail.“If  you  don’t 
know  about  it,  your  chief  officer  in  Italy  is  going  to  jail,” 
he  said. 

European  Union  privacy  and  security  laws  have  slow¬ 
ed  Hasbro’s  business  initiatives, said  Michael  Elliott,  be¬ 
cause  each  country  interprets  the  regulations  differently 

For  other  issues,  such  as  ways  to  decrease  complexity, 


Security 

continued  from  page  54 

of  information,  but  if  Company  A  doesn’t  have  the 
same  security  standards  that  your  company  has,  you’re 
really  opening  up  your  door  to  everything  that  wants 
to  come  in.” 

Tire  emphasis  on  security  also  can  slow  innovation. 
Fidelity’s  Jim  MacDonald  said.  Fidelity  likes  to  work  with 
small,  innovative  tech  companies  that  can  “help  us  get  a 
competitive  advantage."  But,  if  the  company’s  security 
standards  are  not  up  to  snuff, “we’ve  gone  slower  creat¬ 
ing  partnerships  with  those  types  of  companies.” 

M.  Eric  Johnson,  director  of  Tuck’s  Center  for  Digital 
Strategies. said  information  security  today  has  similar 
qualities  to  how  it  was  20  years  ago:  bolted  on  not  built- 
in,  viewed  as  an  inhibitor  of  operations  and  residing  in  a 
“special”  department.“lt  must  move  to  being  designed  in 
at  the  start,  being  an  enhancer  of  operations  and  inter¬ 
nalized  throughout  the  company?’ he  said. 

The  security  advantage 

On  the  question  of  whether  stellar  security  can  be  a 
competitive  advantage,  most  took  the  position  that  secu¬ 
rity  is  a  prerequisite  for  doing  business,  but  not  necessar¬ 
ily  something  a  company  trumpets  in  the  marketplace. 

“Failure  in  security  that’s  what  gets  noticed.  If  you’re 
successful,  it’s  expected,” said  Jack  Matejka  of  Eaton. 

Hasbro’s  Ed  Kriete  took  a  similar  tack.“If  you  screw  it 
up,  there’s  going  to  be  real  consequences,  but  at  this 
point,  it’s  really  a  qualifier” 

Staples’ Ward  disagreed,  saying  one  of  the  reasons  the 
office  supply  store  is  taking  market  share  from  its  com¬ 
petitors  is  that  it  has  convinced  customers  that  “the  sys¬ 
tem  is  going  to  be  there  when  I  need  it.” 

Threat  matrix 

Unfortunately  in  todays  world,  every  company  is  a 
target  and  two  problems  weighing  heavily  on  IT  execu¬ 
tives  are  tiying  to  identify  where  the  threats  are  coming 
from  and  trying  to  assess  and  analyze  risk. 

For  these  IT  folks,  the  fear  factor  is  real. “What  I  worry 
about  is  emerging  threats  that  I  don’t  know  about,” 
Fidelity’s  MacDonald  said. 

Don  Kosanka  of  Owens  Corning  has  dealt  with  unse¬ 
cure  applications  that  were  written  when  factories  were 


isolated  from  the  rest  of  the  world  and  not  connected  to 
the  supply  chain. 

For  John  Cianci  of  IBM,  a  big  issue  is  protecting 
servers  in  IBM’s  labs. 

Cisco’s  Brad  Boston  faced  a  similar  situation: “We  had 
to  isolate  all  the  labs.They  were  my  biggest  source  of 
denial-of-service  attacks.” 

Other  concerns  are  employees  who  connect  from 
home  over  broadband  or  who  use  wireless  connec¬ 
tions,  and  employees  who  mix  personal  and  corporate 
data  on  their  personally  owned  BlackBerries  and  PDAs. 

When  it  comes  to  analyzing  risk,  Fidelity  has  a  solid 
approach.  MacDonald  uses  a  cyberthreat  matrix,  with 
the  likelihood  of  a  security  event  on  one  axis  and  the 
potential  effect  on  the  other.“The  top  right  quadrant  is 
our  best  analysis  of  what  requires  immediate  attention 
and  what  senior  executives  should  focus  on,”  he  said. 

Owens  Corning  uses  a  similar  process  to  assess  risk 
for  its  manufacturing  plants,  Kosanka  said. “When  you 


Thought 

Leadersh 

Summit 


on 

Digital 

Strategies 


Doug  Schwinn,  CIO  at 
Hasbro,  Max  Ward,  vice 
president  of  IT  at  Staples, 
and  Denise  Anthony,  assis¬ 
tant  professor  of  sociology 
at  Dartmouth  College,  talk 
about  the  need  to  educate 
college  students  about 
safe  security  practices. 
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there  are  no  easy  answers.  Some  panel 
members  said  they  would  like  to  reduce 
the  number  of  vendors  they  deal  with,  but 
worry  about  creating  a  single  point  of  fail¬ 
ure  or  becoming  too  dependent  on  one 
vendor. 

Many  spoke  about  the  desire  to  move  off 
the  Microsoft  monoculture  and  spread 
their  risk  among  multiple  platforms,  but 
there  was  agreement  that  such  a  strategy  at 
this  point  was  untried  and  risky 

The  metric  system 

Similarly  the  IT  executives  said  they 
struggle  with  finding  metrics  to  determine 
whether  they  are  spending  too  much  or 
too  little  on  security 

Scott  Day  global  information  protection 
manager  at  Cargill, said  that  determining 
how  much  you’re  spending  is  difficult.“Do 
you  count  directory  services  in  your  secur¬ 
ity  budget?  Do  you  do  ID  access  in  your 
security  budget?  In  my  opinion,  there  is  a 
wide  range  of  debate.You  take  all  that  and 
blend  it  together,  you  get  a  target  for  what 
you  think  you  as  a  corporation  need.You 
go  to  your  sponsors  and  stakeholders  and 
say ‘Here’s  why  we’re  reaching  that  level 
and  here’s  what  we’re  doing  from  a  finan¬ 
cial  standpoint.’  Either  they’re  happy  with  it 
or  they’re  not,”  he  said. 

There  are  limits  to  how  much  you  can 
ask  for,  Staples’ Ward  said. “We  know  we 
need  to  do  things,  [but]  I  am  not  going  to 
tell  our  CFO  that  we  need  to  do  some¬ 
thing  that’s  going  to  break  the  bank.” 

Education  is  key 

Keeping  employees  informed  and  up  to 
date  on  new  threats  is  as  essential  as  re¬ 
quiring  compliance  with  corporate  best- 
practices  policies.  With  some  corporations 
now  requiring  that  employees  sign  a  doc¬ 
ument  to  acknowledge  receipt  of  corpo¬ 
rate  security  guidelines,  accountability  for 
unawareness  or  careless  behavior  is  grow¬ 
ing  in  popularity 

At  Owens  Corning, “We  put  out  a  lot  of 
communications  about  recent  virus 
attacks  and  what’s  going  on.  We  talk  about 
what  we’ve  done  inside  our  company,  and 
then  we’ll  have  a  few  things  that  we  recom¬ 
mend  them  to  do  at  home,”  Kosanka  said. 

IBM’s  Cianci  offered  this  example:“We 
have  a  home  page  that  we  run  through 
the  corporation.  We  highlight  security,  and 
we  do  a  direct  link  to  our  security  portal. 
Any  type  of  virus  or  worm  or  anything, 
you  know  the  first  thing  to  do  is  hit  here.  It 
will  tell  you  exactly  what’s  going  on.  From 
an  education  point  of  view  ...  we  have  a 
corporate  instruction  that  goes  out  to 
every  employee,  and  it’s  line  manage¬ 
ment’s  responsibility  to  ensure  guidance. 
Then  there  are  audit  trails  to  see  that  gets 
implemented  worldwide.” 

Hasbro  has  a  similar  approach,  Schwinn 
said.“Every  employee  annually  signs  a  set 
of  security  guidelines.  [What]  we’re  see¬ 
ing  now  is  mass  e-mail  about  a  problem  . . 
.with  instructions. We  don’t  want  to  wait 
for  them  to  go  to  the  Internet.  We  want 
them  to  know  about  it.” 

At  the  end  of  the  day,  the  executives 
agreed  that  corporations’ security  needs 


will  continue  to  grow  but  must  be  imple¬ 
mented  in  a  manner  that  does  not  im¬ 
pede  core  business  activities. 

Each  participant  came  away  with  specif¬ 
ic  areas  on  which  they  planned  to  focus.“I 
guess  the  thing  I’m  left  with  is  thinking 
about  how  we  could  improve  the  commu¬ 
nication  that  we  make  as  an  IT  group  to 


our  user  base,”  Hasbro’s  Elliott  said. 

Added  Staples’Ward,“A  key  take  away 
with  me  is  the  whole  issue  of  we  really 
have  a  major  new  responsibility  I  think  in 
terms  of  educating  the  business  about  risk." 

And  Peter  Johnson,  CIO  of  Dartmouth- 
Hitchcock  Medical  Center, summed  up  the 
day’s  activities  this  way:“I  was  comforted 
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that  we  all  had  the  same  problems.  It’s  a  lit¬ 
tle  bit  of  personal  therapy 

Shore ,  a  technology  journalist  in  South- 
borough,  Mass.,  provides  product-strategy 
consultation  and  editorial-development  ser¬ 
vices  to  technology  companies.  He  can  be 
reached  at  www.joelshore.com. 
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Policy  management 


Configuresoft  succeeds  at  system 
compliance  management 


DM  BY  MANDY  ANDRESS,  NETWORK  WORLD  LAB  ALLIANCE 

efining,  monitoring  and  enforcing  Windows  system  configuration  has 
become  the  collective  oil  that  helps  keep  installation,  maintenance  and 
support  processes  running  smoothly  Not  to  mention  what  it  does  to  ease 
your  Sarbanes-Oxley  compliance  headache. 


With  its  intuitive  interface, great  flexibil¬ 
ity  and  automatic  compliance  function¬ 
ality  Configuresoft’s  Enterprise  Configur¬ 
ation  Manager  (ECM)  Version  4.5.2  is  one 
of  the  best  Windows-centric  programs 
we’ve  tested.  It  earns  our  Clear  Choice 
designation. 

While  its  roots  are  in  traditional  desk¬ 
top  configuration,  ECM  now  hones  in  on 
policy  management  and  compliance  by 
collecting  and  correlating  information 
from  servers  and  workstations  and  taking 
action  when  they  are  out  of  compliance 
with  the  defined  policy 

ECM  uses  an  agent-based  collection 
mechanism.  The  agents  are  pushed  out 
to  the  Windows  machines  via  a  process 
the  management  console  facilitates. 

The  three-tier  ECM  server  architecture 
consists  of  the  collector,  a  database  and 
console.The  collector  manages  gathering 
and  analyzing  data  the  systems  collect. 

The  console  is  a  four-module,  Web- 
based  management  program  that  pro¬ 
vides  access  to  all  of  ECM’s  features.  The 
console  module  provides  access  to  the 
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Company:  Configuresoft, 
www.configuresoft.com 
Cost:  $995  per  server,  $30 
per  workstation  and  a  20%  I  pi  r- »  q  puninr 
maintenance  fee.  Pros:  |  I/LlAI"!  UllUluL 
Welt  designed,  intuitive 
Web  console;  flexible  rule  and  policy 
creation.  Cons:  Insecure  communications 
protocol;  Windows-centric. 


The  breakdown 


Policy  definition  30% 


Compliance  enforcement  30% 


4.5 


4.5 


User  interface  25% 
Reporting  15%  4 
TOTAL  SCORE  4.55 


raw  data  the  managed  systems  collect. 
The  compliance  module  shows  the  rules 
and  reports  supported  for  setting  policy. 
The  reports  module  provides  templates 
to  view  system  information,  driven  by  a 
Crystal  Reports  engine.  The  administra¬ 
tion  module  provides  all  the  ECM  config¬ 
uration  settings, such  as  agent  installation 
and  user  management. 

The  ECM  engine  installation  had  mini¬ 
mal  issues. 

Installing  the  agent  software  out  to  the 
managed  systems  is  a  simple  process  that 
takes  only  a  few  mouse  clicks.  Once  the 
agents  are  installed  and  data  collected, 
ECM  is  ready  for  use.  By  default,  ECM  uses 
Distributed  Component  Object  Model  for 
agent  communications.  HTTP  communi¬ 
cation  is  a  second  option.  We  would  like 
to  see  Configuresoft  upgrade  these  com¬ 
munications  to  support  more  secure  pro¬ 
tocols  such  as  Secure-HTTP  (HTTPS). 

Using  the  console  module,  administra¬ 
tors  can  directly  change  configuration 
settings  for  individuals  or  groups.  A  few  of 
the  settings  ECM  manages  include  Win¬ 
dows  users  and  groups,  Windows  NT  File 
System  audit  settings,  NTFS  directory  per¬ 
missions,  installed  Microsoft  hot  fixes  and 
registry  key  permissions. 

One  of  the  best  features  of  ECM  is  its 
auto  compliance  functionality  Admini¬ 
strators  can  set  a  baseline  configuration 
that  all  systems  must  follow.  If  a 
system  comes  online  out  of 
compliance  or  if  someone 
makes  a  manual  change  while 
it’s  online,  ECM  enforces  the 
required  settings,  which  leaves  a 
full  audit  trail.  ECM  is  detailed  in  its  abili¬ 
ty  to  look  at  registry  key  permissions,  file 
permissions,  password  settings  and  patch 
levels,  and  then  take  corrective  action  if 
the  administrator  has  set  it  to  do  that. 

While  ECM  offers  an  automatic  compli¬ 
ance  feature  that  makes  configuration 
changes,  if  you  want  to  tie  in  patch  de¬ 
ployment,  you  need  to  use  Configure- 
soft’s  Security  Update  Manager  add-on. 

We  set  required  policy  settings  on  our 
Windows  2000  Server,  including  pass¬ 
word  policy  and  NTFS  directory  permis¬ 
sions.  We  changed  the  settings  on  the 


How  We  Did  It 


We  installed  ECM  4.5.2  on  a  Windows  2003  Server  (2GHz,  2G  bytes  RAM) 
running  IIS  and  SQL  Server  2000,  all  fully  patched.  We  installed  ECM 
agents  on  five  Windows  systems,  running  default  installations  of  Win 
2000  Server,  Win  2000  Professional,  Windows  XP  Professional  and  Win  2003 
server.  We  installed  the  ECM  agent  on  a  Win  2000  Server. 

We  modified  audit  settings,  password  policy  and  directory  settings  on  the 
Win  2000  Server.  We  set  them  as  a  mandatory  compliance  policy  and  set  e-mail 
alerts  on  systems  not  in  compliance  with  our  defined  policy.  We  then  changed 
the  settings  directly  on  the  computer  and  confirmed  ECM  alerted  us  to  the 
non-compliant  system  and  changed  the  setting  to  its  correct  value.  For  the 
remaining  systems,  we  enforced  the  SANS  Security  Windows  template  on  the 
default  installations. 

We  installed  Office  on  the  Win  2000  Professional  system  and  ran  the  “Soft¬ 
ware  Installation  over  Last  X  days”  report  to  confirm  it  collected  data  from  the 
system  on  new  software  installations.  We  also  ran  the  change  log  report  to 
confirm  the  changes  made  to  the  Win  2003  Server  system,  which  included  all 
the  configuration  changes  required  to  enforce  the  SANS  template. 


server  to  be  out  of  compliance  and  ECM 
changed  the  settings  back  to  the  compli¬ 
ance  configuration  immediately  after  its 
next  scheduled  check.  We  also  received 
an  e-mail  alert  we  set  up  to  receive  if  a 
system  was  out  of  compliance.  We  also 
could  have  configured  ECM  to  send  an 
SNMP  trap  or  write  to  the  event  log. 

ECM’s  components,  including  policy 
templates  and  individual  rule  settings,  are 
flexible  and  customizable.  Out-of-the  box, 
ECM  includes  pre-defined  best  practices 
for  operating  systems  and  key  infrastruc¬ 
ture  applications  such  as  SQL  Server,  Ex¬ 
change  and  IIS.  It  also  includes  a  compli¬ 
ance  template  for  the  SANS  Securing 
Windows  Guide.  Every  rule  and  template 
can  be  modified.  We  applied  the  SANS 
template  to  our  default  Windows  installa¬ 
tions  to  configure  the  systems 

ECM’s  polish  lies  in  its  Web  console.The 
layout,  color  scheme,  icons  and  workflow 
work  together  to  make  the  user  experi¬ 
ence  an  excellent  one.  With  the  level  of 
detail  available  in  ECM,  you  might  think 
that  the  console  could  get  overloaded 
quickly  but  the  user  interface  designers 
have  done  an  excellent  job  preventing 
the  user  from  feeling  overwhelmed  by 
information.  We’d  like  Configuresoft  to 
bump  up  the  security  a  notch  by  having 


the  Web  console  use  HTTPS  communica¬ 
tions  by  default  between  it  and  the 
administrator’s  machine. 

ECM’s  reporting  is  flexible,  customizable 
and  detailed.  Reports  can  be  generated 
that  show  which  systems  are  not  in  com¬ 
pliance  with  a  single  settings  pre-defined 
template  or  custom  policy  Reports  can  be 
generated  on  what  actions  have  been 
taken  to  enforce  policy  settings. 

For  managing  Windows  systems  config¬ 
uration  and  automating  policy  enforce¬ 
ment,  we  haven’t  found  a  better  product. 
The  ease-of-use  and  flexibility  of  ECM  pro¬ 
vides  the  means  to  deploy  a  secure,  self- 
sustaining  Windows  infrastructure. 

Andress  is  president  of  ArcSec  Technolo¬ 
gies,  a  security  company  focusing  on  prod¬ 
uct  reviews  and  analysis.  She  can  be 
reached  at  mandy@arcsec.com. 
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Improving  IT  infrastructure 

High-performance  businesses  need  a  strong  foundation. 


■  BY  JAMES  HALL 

In  too  many  companies,  IT  is  suffering  from  what  Accenture  refers  to  as  the  austerity  trap. 
It’s  a  trap  that  is  triggered  when  companies,  responding  to  short-term  pressure  for  greater 
earnings  —  and  suspicious  at  best  about  what  might  be  seen  as  inward  facing  IT  invest¬ 
ments  —  focus  only  on  cost-cutting  and  on  replacement. 


High-performance  organizations  avoid  the  austerity 
trap.  Our  research  shows  that  high-performance  organiza¬ 
tions  look  beyond  cost  alone  to  the  total  impact  of  a  tech¬ 
nology  project  —  to  its  ability  to  help  build  a  superior 
cost  position  and  faster  response  times  and,  as  a  result, 
greater  market  share. 

A  key  criteria  for  high-performance  is  a  solid  IT  infra¬ 
structure.  It’s  always  tough  to  get  business  executives 
excited  or  even  interested  in  discussions  about  technol¬ 
ogy  infrastructure.  However,  they  might  make  this  a 
greater  priority  if  they  understood  the  extent  to  which 
corporate  agility  can  be  hampered. 

But  more  surprising  is  the  extent  to  which  many  CIOs 
focus  all  their  attention  on  application  issues  and  push 
infrastructure  down  the  priority  list.  This  is  not  just  ill 
advised;  it  is  dangerous,  verging  on  negligent. 

Rigorous  demands  will  be  placed  on  IT  infrastructure  in 
the  coming  years.The  systems  and  networks  of  a  high-per¬ 
formance  business  or  government  must  be  able  to  do  the 
following: 

•  Handle  enormous  volumes  of  data  from  inside  and 
outside  the  firewall. 

•  Support  new  classes  of  applications  —  radio  fre¬ 
quency  identification  or  embedded  systems,  for  example. 

•  Deal  equally  with  multiple  types  of  structured  and 
unstructured  information. 

•  Respond  to  new  requirements  for  identity  manage¬ 
ment  and  data  security 

•  Accommodate  quick  and  extensive  changes  in  the 
requirements  placed  on  it  as  the  pace  of  doing  business 
accelerates. 

•  Support  collaboration  by  global  teams  and  an 
increasingly  mobile  workforce. 

Beyond  the  new  challenges,  companies  need  to  realize 
that  their  infrastructures  to  some  extent  have  been 
neglected  and  now  just  aren’t  up  to  the  task  of  supporting 
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high-performance  business  capabilities. 

That’s  the  situation  that  many  companies  and  govern¬ 
ments  have  to  deal  with  today.  Overcoming  that  obstacle 
requires  mastery  of  a  discrete  set  of  infrastructure  skills  in 
such  areas  as  networking,  data  center  operations  and 
security.  As  IT  departments  graduate  from  basic  to  pro¬ 
gressive  and  then  to  pioneering  skills,  they  contribute 
greatly  to  the  overall  performance  of  their  organizations. 

Adaptation  and  innovation 

Of  course,  much  good  work  is  being  done  already.  Many 
organizations  have  recognized  the  need  to  view  infra¬ 
structure  as  a  strategic  issue  and  are  beginning  to  see  the 
benefits. 

For  example,  about  two  years  ago,  Accenture  worked 
with  a  global  mobile  systems  supplier  on  a  global  IT  con¬ 
solidation  project  as  part  of  an  overall  infrastructure 
transformation.  Over  a  12-month  period,  this  large-scale 
transformation  effort  generated  nearly  $200  million  in 
cost  savings  and  reduced  annual  IT  costs  by  40%. 

Or  consider  that  in  2000,  faced  with  fierce  competition 
and  declining  operating  profits,  Accenture  worked  with 
one  of  Europe’s  largest  grocers  on  a  multi-year,  radical 
business  transformation  program  to  improve  its  stores 
and  customer  service,  its  supply  chain  and, above  all,  its  IT 
infrastructure.  As  a  result  of  this  program,  the  grocer 
improved  IT  service  levels  dramatically,  and  reduced 
associated  operating  costs  through  standardization  and 
consolidation  across  a  range  of  hardware,  database,  com¬ 
munications  and  applications  systems,  nearly  halving  its 
annual  IT  operating  costs. 

But  it  is  not  just  about  cost  savings. This  year,  Accenture 
is  embarking  on  an  infrastructure-related  project  with  the 
U.S.  government.  The  rationale  for  this  project  is  not  cost 
reduction  but  enhanced  capability:  an  identity-detection 
system  to  capture  the  entry  and  exit  data  of  visitors 
through  the  use  of  digital-finger  scans  and  digital  photos 
at  U.S.  ports  of  entry 

Start  with  a  plan 

So  what  practical  steps  can  be  taken  to  improve  the  strate¬ 
gic  value  of  your  infrastructure?  Accenture  recommends  a 
three-phase  process  for  infrastructure  transformation. 

First,  effective  consolidation  and  standardization  is  a 
good  start.  It  is  both  a  prerequisite  to  further  progress  and 


Top  technology  priorities  for  2004 

CIOs  recognize  the  importance  of  infra¬ 
structure  investments  in  enabling  innovation 
and  delivering  business  value.  Here’s  how 
those  issues  were  ranked  in  a  Gartner  survey. 

1.  Developing  an  efficient  and  flexible 
infrastructure. 

2.  Managing  an  efficient  and  flexible  infrastructure. 

3.  Security  enhancement  tools. 

4.  IT  performance  management  (efficiency). 

5.  Improving  the  total  cost  of  ownership. 

6.  Applications  integration/middleware/messaging. 

7.  Maintaining  a  standard  desktop  across  the 
enterprise. 

8.  Building  IT-enabled  inter-business  processes. 

9.  Network  infrastructure/management  tools. 

10.  Storage  management  and  employment. 

11.  Enterprise  portal  deployment. 

12.  Business  intelligence  applications. 


is  relatively  simple  to  accomplish  —  major  savings  that 
can  be  achieved  quickly  or  easily  Many  companies  are 
well  on  their  way  by  standardizing  technologies  onto 
fewer  platforms  and  eliminating  outdated  applications. 

In  the  second  phase,  companies  move  toward  infra¬ 
structure  virtualization  and  utility-style  IT  delivery, 
essentially  establishing  a  dynamic  and  scalable  utility 
computing  infrastructure  within  the  firewalls  of  their 
company. 

Finally,  in  Phase  3,  companies  extend  this  virtualization, 
and  the  dynamic  provisioning  it  enables,  beyond  organi¬ 
zational  walls  to  third-party  IT  resource  providers.  The 
business  case  is  there  to  justify  this  approach  to  infra¬ 
structure  transformation,  and  it  can  be  done  by  reinvest¬ 
ing  savings  achieved  from  a  more  efficient  infrastructure, 
in  some  cases  without  an  increase  in  your  spending. 

By  laying  a  strong  infrastructure  foundation,  organiza¬ 
tions  can  use  IT  to  deliver  innovation  and  achieve  high 
performance. 

Hal I  is  global  managing  partner,  Technology  &  Systems 
Integration  at  Accenture,  a  global  management,  consulting 
and  technology  services  and  outsourcing  company.  He 
can  be  reached  at  james.hall@accenture.com. 


Looking  for  a  secure 
console  server? 
Here's  a  handy 
shopping  list 


The  Dominion  SX  Secure  Console  Server.  Consider  this.  We  know  that  when  it  comes  time  to 

evaluate  which  product  to  buy,  you  have  to  look  at  the  nuts  and  bolts.  You  want  every  feature  possible  inside  the  best  performing,  most 
secure,  highly  flexible,  lowest  priced  product  on  the  market.  That’s  why  Raritan  packs  everything  it  can  into  every  data  center  management 
device  it  builds.  And  that’s  why  the  Dominion  SX  is  everything  you’d  expect  in  an  enterprise-class  secure  console  server.  Anytime,  anywhere, 
secure  access  and  command  line  control  of  every  device  it  touches.  We  think  it’s  something  to  consider. 


Get  your  copy  of  a  Free  White  Paper: 


"Secure  Console  Management:  Browser-based,  Command  Line  Interface,  or  Both?" 


Call  1-800-724-8090  x1434  or  visit  us  at  Raritan.com/1434 


c 


»*wuw 


Command 

Center 


The  Dominion  SX 
Secure  Console  Server 
is  a  core  building  block  for 
Raritan's  Complete  Data  Center 
Management  Solution 


Dominion 

Series 


Paragon  II 


IP-Reach 


2004  Raritan  Computer.  Inc.  Raritan,  Dominion.  CommandCenter,  Paragon,  and  IP-Reach  are,  trademarks 
or  registered  trademarks  of  Raritan  Computer,  Inc.  All  others  are  trademarks  of  their  respective  owners. 


When  you're  ready  to  take  control, 


www.nwfusion.com 


MERGING  MARKETS 


GTA  Firewall  Products 

Tough  Network  Security 


Choose  from  5  Firewall  Appliances  to 
Match  Your  Network  Infrastructure 


H2A  -  High  Availability 
Gigabit  Ethernet  Support 
NIC  expansions 
Affordable  pricing 


✓ 


✓ 


✓ 


Easy,  Flexible  Implementation 


✓ 


✓ 


Certified  to  ISCA  4.0  Corporate 
Standards 


✓ 


✓ 


GTA  Experience  -  Building 
Firewalls  for  Over  1 0  Years 


✓ 


✓ 


IPSec  VPN 

Surf  Sentinel®  2.0  -  Content  Filtering 


✓ 
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Technical  furniture  Solutions 


■ 


Unique  technical  furniture 
solutions  at  your  fingertips 

Total  Solutions  in 

>  enterprise  enclosures 

>  network  operations  centers 

>  monitoring  &  management  control 
Log  on  for  free  "Practical  Guide 

to  Cooling" 


PO  Box  431  •  Conklin ,  NY  13748 
1-800-SMC-PLUS  •  www.smcplus.com 
A  wholly  owned  subsidiary  of  Fisher  Hamilton,  LLC 


How  Do  You 
Distribute 

20,000  Watts  in 
Your  Cabinet? 

Sentry  CDU  Cabinet  Power  Distribution 


High-density  Equipment  Cabient  Power  Distribution 

84-Outlet  Receptacles 

20,000  Watt  3-Phase  Power  Distribution  Model 

10,000  Watt  208  VAC  Power  Distribution  Model 

True  RMS  Power  Monitoring  per  Branch  Circuit 
Local:  Digitial  Displays,  Remote:  via  Interface 

Input  Power  Monitoring  Facilitates  Load  Balancing 

Web  Interface 

SNMP,  MIB  &  Traps 

Integrated  Temperature  &  Humidity  Probes 

Color-coded  Outlets  by  Branch  Circuit/Electrical 
Phase  for  Easy  Identification 

Center  Rail  "Notch"  for  Simplifying  Cabinet  Installation 


©Server  Technology,  Inc.  Sentry  is  a  trademark  of  Server  Technology.  Inc. 
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Server 
Technology 

Solutions  for  the  Data  Center  Equipment.  Cabinet 

Power  demands  from 
today's  new  servers  require 
greater  power  distribution 
in  the  equipment  cabinet. 
The  Sentry  CDU  distributes 
power  for  up  to  42  dual¬ 
power  1 U  servers  in  one 
enclosure.  Single-phase  or 
3-phase  input  with  110  VAC, 
208  VAC  or  mixed  110/208 
VAC  single-phase  outlet 
receptacles. 


1 


Server  Technology,  Inc. 

1040  Sandhill  Drive 
_ _  Reno,  NV  89521 -USA 

loll  free  +1  800.835.1515 

tel  +1.775.284.2000 
l)  lax +1.775.284.2065 
www.servertech.com 
sales@servertech.com 


www.nwfusion.com 


How  much  can  your  network  analyzer  handle? 

Observer  is  the  only  fully  distributed  network  analyzer  built 
to  cover  your  entire  network  (LAN,  802.Ha/b/g,  Gigabit,  WAN). 
Download  your  free  Observer  10  evaluation  today  and  experience 
more  real-time  statistics,  more  expert  events  and  more  in-depth 
analysis  letting  you  monitor,  troubleshoot  and  manage  every  site 
on  your  network  with  one  complete  solution.  Choose  Observer. 

-SECUR  i  tv  EOriTROi-  Watch  for  virus  and  hack  attacks  to 
quickly  isolate  infected  areas. 

-RLERT  -  Setup  Triggers  and  Alarms  on  any  network  threshold 
and  be  the  first  to  know  of  network  issues. 

-HE  T work  OVERLOAD- Monitor  bandwidth  utilization, access 
point  utilization  rates  and  network  top  talkers  with  Real-Time  Statistics. 


US  &  Canada  toll  free  800.526.5958 

fax  952.932.9545 

UK  &  Europe  +44(0)  1959569880 

www.networkinstruments.com/analyze 


HETWORK  CMERLORD 
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A  KVM  switch  allows  single  or  multiple 
workstations  to  have  local  or  remote  access  to 
multiple  computers  located  in  server  rooms  or 
on  the  desktop  regardless  of  their  platforms 
and  operating  systems.  KVM  switches  have 
traditionally  provided  cost  savings  in  reducing 
energy  and  equipment  costs  while  freeing  up 
valuable  real  estate. 

Recognized  as  the  pioneer  of  KVM  switch 
technology,  Rose  Electronics  offers  the 
industry's  most  comprehensive  range  of 
server  management  products  such  as  KVM 
switches,  extenders  and  remote  access 
solutions.  Rose  Electronics  products  are 
known  for  their  quality,  scalability,  ease  of  use 
and  innovative  technology. 

Rose  Electronics  is  privately  held  with  world- 
headquarters  in  Houston,  Texas  and  sells  its 
products  worldwide  through  a  large  network  of 
Resellers  and  Distributors.  Rose  has 
operations  in  the  United  Kingdom,  Spain, 


Germany,  Benelux,  Singapore  and  Australia. 


Rose  Electronics 
10707  Stancliff  Road 
Houston,  Texas  77099 


ROSE  US  +281  933  7673 

ROSE  EUROPE  +44  (0)  1 264  850574 

ROSE  ASIA  +65  6324  2322 

ROSE  AUSTRALIA  +617  3388  1540 


SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 


UltraMatrix  Remote" 

REMOTE  MULTIPLE  USER 
KVM  MATRIX  SWITCH 
ACCESS  OVER  IP  OR  LOCALLY 


UltraConsole 

PROFESSIONAL  SINGLE-USER 
KVM  SWITCH  SUPPORTS  UP 
TO  1000  COMPUTERS 


•  Connects  1,000  computers  to  multiple  user  stations 
over  IP  or  locally 

•  High  quality  video  up  to  1280  x  1024 

•  Scaling,  scrolling,  and  auto-size  features 

•  Secure  encrypted  operation  with  login  and  computer 
access  control 


•  Connects  up  to  1000  computers  to  a  KVM  station 

•  Models  for  4,  8,16  computers 

•  Advanced  visual  interface  (AVI) 

•  Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 

•  Connects  to  PS/2,  Sun,  USB,  or  serial  devices 

•  Converts  RS232  serial  to  VGA  and  PS/2  keyboard 


•  Advanced  visual  interface  (AVI) 

•  No  need  to  power  down  servers  to  install 

•  Free  lifetime  upgrade  of  firmware 

•  Available  in  several  models 

•  Easy  to  expand 

800  333  9343 

WWW.ROSE.COM 


Free  lifetime  upgrade  of  firmware 

Security  features  prevent  unauthorized  access 

Full  emulation  of  keyboard  and  mouse  functions  for  automatic, 

simultaneous  booting 

Easy  to  expand  _  _  _ 


SIM. I  r  LA 


EMERGING  MARKETS 


www.nwfusion.com 


Control  Powes1  on  Any  AC 
Powered  Device ... 

Via  Welt  Browser,  Telnet, 

Modem  or  Local  Terminal 

Servers,  routers,  and  other  electronic  equipment 
occasionally  “lock-up”,  often  requiring  a  service  call 
to  a  remote  site  just  to  flip  the  power  switch  to  perform 
a  simple  reboot.  With  WTI’s  Remote  Power  Switches, 
you  can  perform  reboot  and  On/Off  control  from 
anywhere! 


© 

© 

© 

© 

© 

© 

© 

© 
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Web  Browser  Access  for  Easy  Setup  and 
Operation 

Encrypted  Password  Security 

Dual  15  Amp  Power  Circuits 
Total  30  Amps  Maximum  Load 

115  VAC  and  230  VAC  Models 
Sixteen  (16)  Individual  Outlets 
RS232  Modem  /  Console  Port 
Network  Security  Features 
Power-Up  Sequencing 

Also  Available  in  4,  8  &  16  Plug  Models  and 
Horizontal  1U  and  2U  Models 

Web  Browser  Interface 
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Want  an  On-Line  Demo? 

Just  call  or  email  and  you’ll  see  for  yourself  why  so  many 
network  professionals  choose  WTI. 


Yes,  We  are  Customer  Friendly! 

/  Two  Year  Warranty 
V  We  Stock  for  Same  Day  Shipment 
>/  30  Day  No-Fee  Return  Policy 
V'  Start-up  Cables  and  Rack  Kits  Included 


□ 


Dual 

Power 

Inputs 


>del 

NBB-1600 

www.wti.com 


western  telematic  incorporated 

5  Sterling  •  Irvine  •  California  •  92618-2517  •  (800)854-7226 


FIBER  OPTIC  SOLUTION^ 

Tl/El  &  T3/E3  Modems 
RS-232/422/485  Modems  and 
Multiplexers 

IBM  3270  Coox,  AS400  Twinax,  and 
RS6000  Modems  and  Multiplexers 
LAN  -  Arcnet/Ethernet/Token  Ring 
Video/Audio/Hubs/Repeaters 
ISO-9001 

USB  Modem  and  Hub 


9.1.  U 

Toll  Free  866-SITech-l 
630-761-3640,  Fox  630-761-3644 
www.sitech-bitdriver.com  or  www.sitechfiber.com 
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Climate  Monitor 

$389 


Ethernet/Web 

Rack  Mounted 

Temperature 

Air  Flow 

Monitor  Multiple  Cabinets 

Humidity 

HTML  (no  client  needed) 

Door  position 

SMTP  (e-mail  alerts) 

Sound 

SNMP  (MIB,  Traps) 

Light  Level 

Graphing 

Power 

Video  optional 

16  external  sensors 

Console 

O  IT  Watchdogs 

See  it  working  at: 

www.rTWatchdogs.com 

http://63.237.104.17 

512-257-1462 

Systems/Features/Memory 


GBics/Cables/Parts 

Also  Available:  Extreme,  Adtran 

in  Stock  •  Fast  Delivery  •  No  Expedite  Charges 

COMSTAR,  INC. 

The  # 1  Network  Remarketer 

952*835*5502 

Fax  952*835*1927  www.comstarinc.com 


Luggage,  Fine  Leather  Goods, 
Gifts,  and  more! 

Tumi,  Hartmann,  Andiamo, 
Samsonite,  Cross 
10%  discount  for  Network 
World  readers 
Enter  code  NWW2004 


;,iyM  tails 


Reading  someone 
else's  issue  of 

NetworkWorld? 

Subscribe  today  and  receive  your  own 
1-year  subscription  for  FREE  - 

a  $129.00  value! 

Go  to  http://subscribenw.com/mynw  for  your  free  subscription. 
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IT  Careers:  Does  this  Employer  Value  Diversity? 

ompanies  covet  a  reputation  for  valuing  diversity.  They  Ceja  says  appearances  do  count,  on  the  website  and  in  real 
advertise,  they  talk,  they  count.  But  for  those  IT  life.  "Are  there  individuals  (of  diverse  backgrounds)  in 

positions  of  leadership?"  she  asks.  "Seeing  this  (for  any 
person  of  diversity)  is  invigorating  in  terms  of  the 
possibilities  it  represents.  I  advise  people  to  drill  up  further 
-  look  at  the  executive  committee  and  at  the  board  of 
directors.  Look  for  transparency  in  terms  of  how  open  the 
organization  is  about  its  progress  in  valuing  diversity.  Is  it 
something  they  report  on  annually?" 


professionals  defined  as  “diverse",  how  do  you  know 
for  sure? 


The  Four  Stages  of  Diversit 

1 .  Affirmative  Action 


Complying  with  Federal,  State  and  local 

laws  around  equal  opportunity  and  affirmative  action. 


It's  a  question  that  Annette  Merritt  Cummings  and  Martha 
Ceja  spend  their  careers  evaluating.  Cummings  is  vice 
president/national  director  of  Diversity  Services  for  Bernard 
Hodes  Group.  Ceja  is  a  strategist  with  the  group,  based  in 
Silicon  Valley. 


The  Diversity  Services  organization  looks  at  valuing 
diversity  as  a  process  of  moving  from  an  initial  point 
through  four  phases  that  end  with  inclusion.  Cummings 
defines  inclusion  as  acceptance  of  the  ideas  and  talents 
that  all  people  bring  to  an  organization,  a  long  journey 
from  initial  training  that  helps  an  organization  understand 
why  diversity  matters  from  a  business  stance. 

Cummings  says  there  are  specific  queues  as  to  the  progress 
along  that  continuum.  "The  first  place  you'd  go  in  looking 
at  a  company  is  probably  to  its  website.  Do  they  have 
affinity  groups?  Is  the  site  in  more  than  one  language,  such 
as  Chinese,  Spanish  or  other?  How  many  clicks  does  it  take 
you  to  get  to  some  mention  of  diversity?  If  it  takes  six  or 
seven  before  there's  any  mention,  that  tells  you  this  is  not 
one  of  the  company's  higher  priorities  or  that  the  human 
resources  or  diversity  organizations  has  lost  the  battle  for 
(website)  real  estate." 


In  addition,  the  two  diversity  leaders  have  advice  for  IT 
professionals  looking  at  a  career  change.  "If  I  were  looking 
at  new  opportunities,  I  would  look  first  at  an  industry  that 
fascinates  me,  beyond  the  IT  application,  because  that's 
where  the  jobs  are  -  not  in  pure  IT  companies,"  says  Cummings. 
The  industries  closest  to  the  consumer,  such  as  automotive 
and  consumer  products,  are  marketers  by  definition  and 
understand  the  changes  in  the  marketplace  in  this  country. 
They  have  embraced  diversity  at  a  more  aggressive  rate." 

Cummings  also  points  to  government  agencies  as  major 
players  in  the  future  of  the  IT  profession.  Agencies  ranging 
from  the  CIA  to  the  Office  of  Personnel  Management  are 
hungry  for  IT  skills;  up  to  70%  of  the  senior  managers 
in  federal  government  are  expected  to  retire  in  the 
next  five  years.  "These  aren't  just  entry  level  jobs  -  these 
are  careers." 

Ceja  says  for  IT  professionals  there  is  a  distinct  advantage 
-  skills  mean  everything.  "In  Silicon  Valley,  if  you  have  the 
skills,  this  becomes  a  color-blind  profession  in  some  ways, 
"these  are  careers,"  she  says. 


Celebrating  diversity  and  providing  diversity  training. 
Marking  Black  History  month,  Women's  History  month, 
etc.  Appreciating  the  fact  that  diversity  can  add  value 
to  your  organization  and  help  you  achieve 

your  goals. 


This  is  where  you  change  your  culture.  This  is  the  hard 
work.  This  is  changing  attitudes  so  that  everyone  is 
embracing  the  value  of  diversity.  Everyone  understands 
the  business  case.  At  this  stage,  you  start  holding 
people  accountable.  You  may  include  diversity  as  a 
measure  in  performance  reviews. 

At  this  stage,  the  organization  has  diverse  teams  in 
place  as  well  as  formal  measurements.  Managers  are 
held  accountable  for  their  success  in  fostering  diversity, 
and  are  rewarded  with  bonuses  or  provided  with 
negative  consequences. 

Source;  Bernard  Hodes  Diversity  Services 

For  more  information  about  IT  Careers  advertising, 
please  call;  800.762.2977 

Produced  by  Carole  R.  Hedden 


SENIOR  APPLICATIONS  PRO¬ 
GRAMMER-ANALYST  (FINAN¬ 
CE  DEPARTMENT):  Duties  in¬ 
clude:  Under  general  direction, 
the  Senior  Application  Program¬ 
mer/Analyst  formulates  and  de¬ 
fines  systems  scope  and  objec¬ 
tives  in  order  to  design,  develop 
or  modify  information  systems. 
Assists  Project  Leader  in  the 
development  of  detailed  system 
specifications  for  major  system 
installations.  Performs  feasibility 
studies  to  analyze  cost/benefit 
trade-off  of  systems  solutions. 
Initiates  systems  design  specifi¬ 
cations,  and  prepares  flow 
charts,  block  diagrams  and  re¬ 
port  layouts  using  current  design 
techniques  or  functional  pro¬ 
gram  specifications.  Codes  pro¬ 
grams,  generates  program  test 
data,  tests  and  debugs  pro¬ 
grams.  Provides  and  maintains 
program  and  system  documen¬ 
tation.  Provides  technical  guid¬ 
ance  to  less  experienced  Pro¬ 
grammers.  Working  knowledge 
of  all  processes  involved  in  sys¬ 
tems  analysis  and  programming, 
including  design  factors,  hard¬ 
ware  and  software  require¬ 
ments,  system  facilities,  and  job 
control  procedures  required. 
Min.  Reqt's:  BS/BA  (foreign 
equivalent  accepted)  in  EE,  CS, 
IT,  Math  or  related  field  of  study 
PLUS  2  yrs  exp.  in  the  job  of¬ 
fered  or  related  exp.  in  program¬ 
ming  and  or  systems  analysis. 
ALSO:  Must  also  possess  dem¬ 
onstrated  experience  and  profi¬ 
ciency:  (1)  with  the  development 
and  implementation  of  at  least 
one  major  distributed  system  in¬ 
stallation  including  maintenance 
and  modification:  (2)  program¬ 
ming  and  systems  development 
using:  Visual  C++,  VB,  Power¬ 
Builder,  Sybase,  Oracle  &  MS 
SQL  Server  and  Access  SW  da¬ 
tabases;  and  (3)  must  possess 
strong  background  in  mathemat¬ 
ics  to  develop  and  support  actu¬ 
arial  applications.  Basic  pay 
range  is  $56,000  -  $68,000  per 
year  FT  and  standard  company 
benefits.  EEO.  Submit  2  resum¬ 
es  and  respond  to  Case  No. 
2003-00395,  Division  of  Career 
Services,  Labor  Certification 
Unit,  19  Stamford  Street,  1st  FI., 
Boston,  MA  02114. 


"DIVERSITY  IN  PRODUCTS, 
SERVICES  AND  PEOPLE" 

THE  SOCIAL  SECURITY  ADMINISTRATION  IN  WOODLAWN, 
MARYLAND  is  seeking  highly  motivated  IT  Professionals  for  the  following 
types  of  positions:  Mainframe  Developers  (COBOL,  CICS);  Internet 
Developers  (Java,  WebSphere,  CGI);  Database  Administrators  (DB2,  IDMS, 
Oracle);  Systems  Operation  Analysts  (SUN/UNIX,  JCL,  TSO/ISPF,  zJOS, 
Control  M) 

COME  JOIN  OUR  WINNING  TEAM!  -  WE  OFFER: 

COMPETITIVE  SALARIES  -  RANGE:  $52.963-$85.867;  A  COMPRE¬ 
HENSIVE  BENEFITS  PACKAGE,  INCLUDING:  RETIREMENT  SAVINGS 
INVESTMENT  PLAN;  HEALTH,  LIFE  AND  LONG  TERM  INSURANCE 
FOR  SELF  AND  FAMILY;  PAID  VACATION.  SICK  LEAVE  AND  10  PAID 
HOLIDAYS;  PAID  OVERTIME  AND  ONGOING  TECHNICAL  TRAINING 
AND  FLEXIBLE  WORK  SCHEDULES.  ALL  OF  THIS  AND  A  POSITIVE, 
CASUAL  WORK  ENVIRONMENT! 

To  apply  go  to  USAJOBS  at:  htto;//iobsearch.usaiobs.oom.aov/  and  select 
the  Social  Security  Administration.  Must  be  a  United  States  citizen  to  apply. 


FT  Project  Manager  Multiple 
positions.  Responsibilities  in¬ 
clude:  Manage  the  design,  de¬ 
velopment  and  implementation 
of  multi-tier  client/server,  MO 
Series  based  systems,  ADABAS 
/NATURAL  based  systems, 
CICS  and  VSAM  based  sys¬ 
tems,  multi-user,  re-engineering 
applications  for  finance  compa¬ 
nies  utilizing  Legacy  Mainframe 
Finance  Applications,  and  de¬ 
sign  tools  including  C,  C++, 
NATURAL/ADABAS  and  MQ 
Series;  manage  user  accep¬ 
tance  tests  and  user  training; 
and  manage  systems  analysts 
and  other  professional  support 
personnel.  Must  be  willing  to 
travel  to  client  sites  Monday- 
Friday.  Must  have  a  Masters 
Degree  or  foreign  or  educational 
equivalent  in  Computer  Science, 
Engineering  or  a  related  field 
and  three  years  of  experience 
as  a  Systems  Analyst  or  in  a  re¬ 
lated  occupation,  or  a  Bachelor's 
Degree  or  foreign  or  educational 
equivalent  in  Computer  Science, 
Engineering  or  a  related  field 
and  five  years  of  experience  as 
a  Systems  Analyst  or  in  a  relat¬ 
ed  occupation.  If  interested,  sub¬ 
mit  resume  in  duplicate  to: 

Ms.  Sandy  Pruitt 
N  I  I  T 

1050  Crown  Pointe  Parkway, 
Suite  500 

Atlanta,  GA  30338 


FT  Project  Manager.  Multiple  po¬ 
sitions.  Responsibilities  include: 
Manage  the  design,  develop¬ 
ment  and  implementation  of 
multi-tier  client/server,  multi¬ 
user,  re-engineering  applica¬ 
tions  for  insurance  companies 
utilizing  Legacy  Mainframe  In¬ 
surance  Applications  -  Vantage- 
One  System,  and  design  tools 
including  SCLM,  TWS,  ZEKE, 
ENDEVOR,  EOS,  DADS,  SAV- 
RS,  SAR,  APC,  PanApi.  Comp- 
areX,  QMF,  Dispatch  and  RDS 
manage  user  acceptance  tests 
and  user  training;  manage  sys¬ 
tems  analysts  and  other  profes¬ 
sional  support  personnel  Must 
be  willing  to  travel  to  client  sites 
Monday-Friday.  Must  have  a 
Master's  Degree  or  foreign  or 
educational  equivalent  in  Com¬ 
puter  Science,  Computer  infor¬ 
mation  Systems,  Engineering  or 
a  related  field  and  three  years  of 
experience  as  a  Systems  Analy¬ 
st  or  in  a  related  occupation,  or  a 
Bachelor's  Degree  or  foreign  or 
educational  equivalent  in  Com¬ 
puter  Science,  Computer  Infor¬ 
mation  Systems,  Engineering  or 
a  related  field  and  five  years  of 
experience  as  a  Systems  Analy¬ 
st  or  in  a  related  occupation.  If 
interested,  submit  resume  in 
duplicate  to:  Ms.  Sandy  Pruitt, 
N  I  I  T,  1050  Crown  Pointe 
Parkway.  Suite  500.  Atlanta,  GA 
30338. 
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SYSTEMS  ENGINEER 
TEAM  LEAD 

Manage  system  engineers  and 
computer  application  developers 
and  other  personnel  to  coordi¬ 
nate  the  design,  development, 
implementation  and  testing,  of 
high  volume  transactional  tele¬ 
phonic  and  web  based  business 
applications  and  database  sys¬ 
tems  for  the  commercial  and 
government  sectors  containing 
highly  confidential  personal  in¬ 
formation,  government  verifiable 
audit  controls  and  interactive 
voice  response,  Manage  profes¬ 
sional  staff  to  resolve  problems, 
design  and  document  useability 
testing  and  ensure  system  func¬ 
tionality  and  performance.  Re¬ 
quires  Bachelors  or  equivalent 
level  degree  in  Computer  Sci¬ 
ence,  MIS,  Statistics,  Engineer¬ 
ing  or  closely  related  field  and 
four  years  experience  in  the 
leadership/management  of  com¬ 
puter  applications  development 
projects.  Qualified  applicants 
must  presently  be  eligible  for 
permanent  employment  in  the 
United  States.  (8:00  a.m.  to  5:00 
p.m.);  40  hours  per  week,  over¬ 
time  as  needed  without  addition¬ 
al  compensation.  Position  is  with 
TALX  Corporation  in  St.  Louis, 
Missouri.  Send  resumes  to:  Ms. 
Ellen  Stanko,  Director  of  Human 
Resources,  TALX  Corporation, 
1850  Borman  Court,  St.  Louis, 
Missouri  63146.  EOE. 


Seeking  qualified  applicants  for 
the  following  positions  in  Mem¬ 
phis,  TN:  Senior  Programmer 
Analyst.  Formulate/define  func¬ 
tional  requirements  and  docu¬ 
mentation  based  on  accepted 
user  criteria.  Requirements:  Ba¬ 
chelor's  degree*  or  equivalent  in 
computer  science,  MIS,  engi¬ 
neering  or  related  field  plus  5 
years  of  experience  in  sys¬ 
tems/applications  development. 
Experience  with  J2EE,  Oracle 
databases  and  airline  schedul¬ 
ing  systems  also  required. 
’Master's  degree  in  appropriate 
field  will  offset  2  years  of  gener¬ 
al  experience.  Submit  resumes 
to  Matt  Coplas,  FedEx  Corpor¬ 
ate  Services,  2955  Republican 
Drive,  2nd  Floor.  Memphis,  TN 
38118.  EOE  M/F/D/V. 


EdgeTech  Services,  Inc. 
is  seeking  GIS  Appli¬ 
cations  Developer.  GIS 
&  Remote  Sensing  ex¬ 
perienced  individuals  w/ 
BS  in  Computer  Sci¬ 
ence  please  respond 
with  resume  to:  141 
Peaked  Mountain  Road, 
Townshend,  VT  05353 
Attn:  Ms.  Hunt. 


System  Development  Analyst 
wanted  to  design  and  develop 
system  software  for  law  enforce¬ 
ment  agencies  with  emphasis 
on  systems  tools,  communica¬ 
tions  programming,  and  applica¬ 
tion  programming  using  VB,  VC, 
C++  &  related  language  or  sys¬ 
tems  and  SQL  Server  Database 
Administration.  Bachelor  degree 
in  Computer  Science  &  2  years 
of  experience  required.  Send 
resume  to  Law  Enforcement 
Support  Agency,  955  Tacoma 
Ave.  S.,  Suite  101,  Tacoma,  WA 
98402. 


Computer  Professionals  (Mult¬ 
iple  Openings)  Software  Engin- 
eer/Prograrnmer  Analyst/Syst¬ 
ems  Analyst/Database  Admini¬ 
strator/  Network  Administrator. 
Requirements  include:  US 
equivalent  to  a  Bachelor  or 
Master  Degree;  in  lieu  of  a 
Master's  Degree,  we  are  willing 
to  accept  a  Bachelor  Degree 
with  five  (5)  years  of  prior  pro¬ 
gressive  professional  experi¬ 
ence.  Must  also  have  experi¬ 
ence  in  some  of  the  following 
skills:  C/C++,  Java,  Cold  Fusion, 
Microsoft  Technologies  (Visual 
Basic,  .NET,  ASP)  CRM  (Siebel, 
Clarify,  Vantive),  Middleware 
Technologies  (ORBIX,  TIBCO, 
CORBA,  VITRIA),  Dataware 
Housing  Tools  (Informatica, 
DataStage,  Ablnitio,  Business 
Objects,  Cognos,  Micro  Stra¬ 
tegy,  Brio)  ERP  (SAP,  People 
Soft,  Oracle  Apps,  Baan) 
Mainframe  (COBOL,  CICS,  JCL, 
VSAM),  AS400,  Ecommerce, 
Databases  (SQL  Server,  Oracle 
DB2,  Sybase),  Windows  (95/ 
98/2000/NT/XP,  Exchange), 
UNIX  (Sun  Solaris/HP),  Linux 
and  QA  (Win  runner.  Load  run¬ 
ner,  SILK,  Quick  Pro,  Rational 
Tools,  Manual  Testing).  Exten¬ 
sive  Travel  and/or  relocation. 
Attractive  compensation  pack¬ 
age.  Mail  resume  to:  Human 
Resource  Director,  Reasonsoft, 
Inc.,  74  State  Road,  Ste.  203, 
Kittery,  ME  03904 


Software  Engineers,  Program¬ 
mer  Analysts,  Systems  Analysts, 
need  for  VA  basedIT  firm.  Will 
need  Bach  +1  yr  exp  for  Jr.  Lev¬ 
el  positions  and  Masters  +1  yror 
Bach  +  5  yrs  of  exp  for  Sr.  Level 
position.  Various  skills  req:  Sta¬ 
tistical  software(SAS),  PERL, 
ERWIN,  C,  C++,  VC++,  iplanet, 
ASP,  DHTML,  Javascript,  Syb¬ 
ase,  Oracle,  SQLServer,  Busin¬ 
ess  Objects,  Crystal  Reports, 
Windows  NT,  IINUX,  IIS,  UN¬ 
IX,  Sun  Solaris,  CISCO,  PL/ 
SQL,  Cognos,  Brio,  Netscape 
enterprises  server, Cold  fusion, 
data  modelling,  informatica,  e- 
business  intelligence,  cics,  db2, 
peoplesoft,  jdedwards,  power 
builder,  CRM,  VB,  j2ee,  jsp, 
Jdbc,  ejb,  web  sphere,  weblog- 
ic, Apply  with  2  copies  of  resume 
to  H.R.Dept,  Ling  Technologies 
2325,  Dulles  Corner  Blvd,  Suite 
500  Herndon,  Va  -  20155. 


Programmer  Analysts  for 
Naperville,  iL.  Design  &  Develop 
software  applications  using 
Oracle,  Erwin,  XML,  UML,  C++, 
Interwoven,  Coolgen,  Clear- 
Case,  ClearQuest,  PVCS,  UNIX; 
Bachelors  or  Equivalent  req'd  in 
Computers,  Engineering,  Math 
or  any  related  field  of  study  +  2 
yrs  of  related  exp.  40  hrs/wk. 
Must  have  proof  of  legal  author¬ 
ity  to  work  permanently  in  the 
U.S.  Send  resume  to  HR 
Manager,  Redsalsa  Techn¬ 
ologies,  Inc., 184  Shuman  Blvd, 
Suite#180,  Naperville  IL  60563. 


SAP  Business  Systems  Analyst. 
Thomson,  Inc.  is  seeking  an  SAP 
Business  Systems  Analyst  to 
consult  with  clients  regarding 
SAP  software  systems,  provide 
SAP  analysis,  redesign,  and  con¬ 
figuration  of  clients'  business 
procedures,  policies,  and  pro¬ 
cesses,  and  act  as  liaison  be¬ 
tween  the  application  developers 
and  the  business  community  to 
define  business  and  system 
requirements.  Must  have  4  years 
of  experience  in  SAP  consulting 
and  configuration.  Send  cover 
letter  and  resume  to:  Betty 
Moreno-Silva,  Manager,  Human 
Resources,  Thomson,  Inc.,  3233 
East  Mission  Oaks  Boulevard, 
Camarillo,  CA  93012.  Please  ref¬ 
erence  Job  #AMM  in  your  cover 
letter. 


Unix  Administrator  required  to 
install,  configure,  update  and 
maintain  UNIX  (primarily  Sun 
Solaris)  servers  in  a  Windows 
environment,  troubleshooting 
system  problems  and  failures. 
Determine  and  implement  the 
requirements  for  hardware  and 
software  and  perform  related 
duties.  Bachelor  in  Computer 
Science  and  two  year  related 
experience  required.  Send 
resume  to  HR  (IT01),  Memphis 
Managed  Care  Corp.,  1407 
Union  Ave.,  Suite  200,  Memphis, 
TN  38104. 


Sr.  Software  Engineer. 
Customize  &  integrate  s/w 
components  from  3rd  party 
vendors  into  wireless  prod¬ 
ucts.  Bach's  deg  in  Comp 
Sci,  Physics  &  Elec  Engrg 
reqd  +  5  yrs  prog  exp  in 
specialty  field.  Snd  resume 
to  PMCDU,  1225  North¬ 
brook  Pkwy,  Suwanee,  GA 
30024,  Attn:  D.  Greer,  RK 


ProQuest,  one  of  largest  infor¬ 
mation  aggregators,  has  multi¬ 
ple  openings  for  Software  Engin¬ 
eers,  System/Programmer  An¬ 
alysts,  DBA.  Candidates  must 
have  MS/BS  with  experience. 
We  offer  attractive  wage  with  full 
benefits.  Please  send  resumes 
to:  human_resources@ii. proquest 
.com  EOE. 

System  Analyst  &  IT  staff  want¬ 
ed  by  Credit  Acceptance  Corp. 
Design  &  develop  ETL  process 
to  upload  data  from  OLTP  sys¬ 
tem  to  Star  Schema;  develop 
interface  process  to  transfer 
data  between  Loan  Servicing  & 
FACS;  use  Oracle,  SQL  Server, 
Crystal  Reports.  Please  contact 
hr@creditacceptance.com. 


Information 

Overload? 
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itcareers.com 
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IndusRAD  seeks  engineers  &  IT 
staff  to  design  &  develop  appli¬ 
cation  software  for  Marine  en¬ 
gines  &  advanced  diesel  engine 
using  ANSI  C  program.  Write 
test  plan  &  procedures.  Must 
have  MS/BS  with  exp.  Good 
wage  with  benefits.  Please  send 
resume  to  info@indusrad.com. 
EOE. 

Ultimed  HMO  seeks  system 
analyst  to  develop  functional/ 
system  specifications  using  ob¬ 
ject  oriented  design  &  CASE 
tools,  program  in  VB,  VC++, 
Visual  FoxPro,  develop  ad-hoc 
reports  and  queries.  Applicants 
must  have  BS/MS  with  IT  exp. 
Please  contact  lactchson@ 
ultimed-hmo.com.  EOE. 


Software  Engineer,  Appli¬ 
cations.  BS  in  c.  sci,  eng  or 
rel.  field;  3  yrs  exp.  to 
include  Visual  Basic,  .NET, 
SQL,  Crystal  or  T-SQL 
reporting,  Rational  Rose, 
Java,  C++,  UNIX;  demon¬ 
strated  communication, 
mentoring  &  documenta¬ 
tion  ability;  exp.  w/financial 
reports  &  concepts.  Send 
resume  to  Joanie  Bond, 
9001  Hickman  Rd.,  Ste 
340,  Urbandale,  IA  50322. 
EOE. 


Sr.  Applications  Programmer 
w/2  yrs  exp  in  using  SEI  CMM 
quality  control  standards,  full 
life  cycle  expertise  in  ADR 
securities,  cross-product  pro¬ 
cessing,  Power  Builder  with 
PFC,  Sybase  ASE,  Oracle, 
SQL  Anywhere,  Visual  Basic, 
Crystal  Reports,  Actuate, 
Unix,  Java,  web  component 
development,  Erwin,  Visual 
Source  Safe,  Clearcase,  Net¬ 
scape  Enterprise  Server.  Mail 
Res  to:  Open  Systems  Tech¬ 
nologies,  Inc.  8  Winter  Street, 
6th  Floor,  Boston,  MA  02108. 


Programmers  (Level-3):  Deve¬ 
lop  &  write  computer  programs 
for  web/client-server  software 
apps.  &  convert  project  specs,  in 
JD  Edwards  One  World, 
Microsoft  tech.,  Oracle  and 
Java/J2EE.  BS  in  Comp.  Sc.,  or 
rel.  field  &  2  yrs.  software  devel¬ 
opment  exp.  including  at  least 
12  months  exp.  in  job  offered 
required.  $50,200/Yr.  &  benefits. 
Mail  resume  to  Jann  Nielsen, 
Melaleuca,  Inc.,  3910  S. 
Yellowstone  Hwy.,  Idaho  Falls, 
ID  83402.  No  phone  calls 
please.  EOE. 


Web-Database  Administrator/ 
Programmer  Analyst.  Seeking 
quailified  candidates  possessing 
B.S.  or  equivalent  with  related 
work  experience  of  3  to  5  years. 
M-F  8am-5pm.  Duties:  Internet 
development,  design,  develop 
and  implement,  e-commerce 
application  using  COM,  COM+, 
MTS,  IIS,  HTML,  DHMTL,  Java 
Script,  Microsoft  and  Sun  Tech¬ 
nologies  with  database  Oracle 
8.1  &  MS  SQL  Server  2000  and 
MS-Access  2000.  Please  send 
resume  to  Angel  Diamond  Jew¬ 
elers  Company,  Attn:  Mr.Yaqim 
Lalani,  4800  Texoma  Pkwy,  Ste 
202,  Sherman  Tx  75090.  Email: 
y_lalani@hotmail.com. 


Software  Developer 

Analyze,  design  and  deploy 
customized  IT  applications  for 
the  mortgage  and  finance  in¬ 
dustry.  Must  have  Bachelors 
Degree  or  Foreign  Equiv.  in  CS 
or  Eng.  or  in  a  related  field  &  2 
yrs.  exp.  or  2yrs.  exp.  in  a  relat¬ 
ed  position  w/ability  to  use:  C#, 
VB.Net,  VB,  ADO. Net  and 
ASP. Net  40.0  hrs./wk  8:00  AM  - 
6:00  PM.  Applicants  send 
cover  letter  and  resume  to: 
Cyber  Korp,  Inc., 400  West 
Lake  Street,  Suite  216,  Roselle 
IL  60172-3572,  Attn:  HR  MGR. 


Programmer  Analysts  to  ana¬ 
lyze,  design,  s/w  appls  using 
Java,  ASP,  Servlets,  JDBC, 
HTML,  Oracle,  PL/SQL,  Dev 
2000,  Forms,  Reports  Win¬ 
dows  OS;  design  web  pages 
dynamically  using  JavaScript; 
design  database  structure  using 
UML;  provide  on  site  mainte¬ 
nance  support,  debug,  modify, 
fine  tune  and  perform  code  opti¬ 
mization.  Require:  BS  or  For¬ 
eign  equiv  with  concentration  in 
CS/Science/Engg  (any  branch) 
with  2  yrs  exp  in  IT.  Competitive 
salary,  F/T  positions.  Travel 
involved.  Resume  to  IOR 
Technologies,  Inc.  2400  86th  st, 
Ste12,  Urbandale,  IA  50322.  Job 
ID  IORPA1104. 


Software  Developer 

Developing  and  programming 
large  scale  electronic  messag¬ 
ing  system  for  markets  in  China 
and  other  eastern  countries, 
researching  the  proper  technolo¬ 
gies  to  enhance  the  develop¬ 
ment  process,  and  providing 
prototypes  for  each  program  to 
be  coded  in  Java/NetBeans, 
C/C++,  JavaScript,  etc.  Req.  MS 
degree  in  CS  or  a  related  field 
and  proficiency  in  Java/Net- 
Beans,  C/C++,  JavaScript,  and 
XML.  Ability  to  understand  writ¬ 
ten  Chinese  or  other  eastern 
Asian  languages  also  required. 
40  hrs/wk.  Fax  resume  to 
Send2Fax,  LLC.  at  (843)  645- 
9501  or  email  hr@send2fax 
.com. 


enterprise  integration 
network  vulnerabilities 
corporate  data  security 
government  compliance 
mobile  &  wireless  security 
business  management  needs 


The  right  IT  professional 
can  jump  the  hurdles  of 
today  s  IT  challenges. 

Call: 


(800)  762-2977 
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Senior  Account  Manager  wanted 
to  source  and  support  new  tech¬ 
nical  business  development 
opportunities.  Must  have 
Bachelor's  degree  in  Electrical 
Engineering,  Computer  Science 
or  related  field  and  4  years 
experience  in  corporate  sales  in 
the  software  services  industry, 
including  2  years  experience 
with  project  management  and 
software  development.  Send 
resume  to  Hilary  Gosselin, 
Human  Resources  Manager, 
Lionbridge  Technologies,  Inc., 
492  Old  Connecticut  Path, 
Framingham,  MA  01701. 

Seeking  qualified  Software  En¬ 
gineers  and  Programmer  An¬ 
alysts  with  experience  in  any  of 
the  following  tools  and  technolo¬ 
gies:  CCNP,  CCNA,  MCP,  Cisco 
Pix,  Local  Directors,  Aironet 
Access  points,  Checkpoint  fire¬ 
wall,  Packet  Shapers,  Nortel 
Contivity  VPN  Switches,  Cisco 
Network  Registrar  server,  RSA 
Ace  Server,  Websense  URL  fil¬ 
tering,  Cisco  Works,  Whatsup, 
Packet  Sniffer,  Snort  IDS, 
Insight  Manager,  CTX  670. 
Reqmts:  BS  or  MS  degree  w /  2 
or  3  yr.  exp.  in  the  field.  Apply  to: 
Kaltech  International  Corpora¬ 
tion,  3965  Stone  Village  Ct, 
Duluth,  GA  30097  EOE. 

Programmer  Analyst  w/2  yrs 
exp  to  implement,  test  &  de¬ 
ploy  applications  on  Windows 
&  Linux  platforms  using  Visu¬ 
al  Basic,  Visual  C++  and 
Scripting.  Write  &  test  code 
for  Oracle,  Mysql  &  Access 
databases  using  Oracle, 
PL/SQL,  Access  &  SQL.  Use 
HTML,  JavaScript,  Java, 
ASP,  PHP,  C,  MVS/TSO  plat¬ 
form,  FORTRAN,  PL/I,  SAS 
&  JCL.  Mail  res:  Optima 
Technology  Partners,  Inc, 
264  South  River  Rd,  Ste  454, 
Bedford,  NH  03110. 

Project  Managers  to  lead/man¬ 
age  teams  to  study,  analyze, 
customize  and  develop  Portal 
infranet  billing  appls  using  C. 
Pro-C,  Oracle  procedures,  trig¬ 
gers,  Unix  shell  scripts  etc;  lead 
teams  to  develop  custom  GUI 
tools  in  VB  using  portal  COM 
objects;  mentor  in  development 
of  Oracle  triggers,  packages, 
procedures,  view  and  pro-C  for 
data  retrieval/data  migration; 
evaluate,  test,  train  team  mem¬ 
bers.  Require  MS  (or  foreign 
equiv)  in  CS/Computer  Engg  &  1 
yr  exp  in  portal  infranet  billing. 
F/T.  Competitive  salary.  Travel 
involved.  Resumes  to  HR, 
Intercall,  Inc.,  1211  O.G.  Skinner 
Drive,  West  Point,  GA31833. 
Please  refer  Job  ICI1104. 

Programmer  Analysts  to  ana¬ 
lyze,  design  s/w  appls  using 
SAP  R/3,  ABAP/4,  C,  C++, 
Java,  VB,  JSP,  JScript,  HTML 
on  UNIX/Windows  os;  gath¬ 
er/document  reqs  from  user 
community;  test/troubleshoot 
project  appl  code  according  to 
system  objectives.  Require  a 
B.S.  or  foreign  equiv  in  CS/ 
Engg  (any  branch)with  2  yrs 
exp  in  IT.  Competitive  salary. 
F/T.  Travel  involved.  Resume 
to  HR,  Smartsoft  Internation¬ 
al,  Inc.,  3965  Johns  Creek 
Court,  Ste  500,  Suwanee,  GA 
30024. 

Maxil  Technology  Solutions,  a 
computer  consulting  company, 
has  openings  available  for  Pro¬ 
grammer  Analysts.  Duties  will 
include  but  not  be  limited  to 
modifying,  developing  and 
testing  computer  programs, 
and  evaluating  user  requests 
for  new/modified  programs.  A 
degree  is  required.  Will  accept 
foreign  equivalent  of  the  re¬ 
quired  educ.  and/or  its  equiv.  in 
educ.  and  experience.  Send 
resumes  to  HR  Dept.,  Maxil 
Technology  Solutions,  2625 
Butterfield,  Suite  316  W, 
Oakbrook,  IL  60523. 

IT  Careers 
Wants  You! 

Take  the  hassle  out 
of  job  searching  and 
check  us  out  at 
www.itcareers.com 


NET  MATRIX  SOLUTIONS 

Net  matrix  Solutions  has  the  fol¬ 
lowing  positions  open: 

SOFTWARE  ENGINEERS:  to 
research,  design,  develop  com¬ 
puter  software  systems  and  lead 
new  product  development  pro¬ 
jects  to  timely  completion.  Abil¬ 
ity  to  evaluate  and  design  SAP 
software  is  required.  Needs  a 
Masters  in  CS/MIS  or  any  relat¬ 
ed  degree  combined  with  1  + 
years  experience  or  Bachelors 
with  5  years  experience  in  de¬ 
signing  and  developing  comput¬ 
er  software  systems. 

SYSTEMS  ANALYSTS:  to  ana¬ 
lyze,  design  and  develop  opera¬ 
tional  procedures  to  automate 
processing  and  to  develop  new 
systems  to  improve  production. 
Knowledge  of  SAP,  Oracle,  and 
other  business  related  software 
is  essential.  Needs  Bachelors  in 
Engineering/CS  or  in  any  related 
field  combined  with  5  years  rele¬ 
vant  experience  in  designing 
and  developing  computer  soft¬ 
ware  systems. 

Please  send  resumes  to  the  re¬ 
spective  addresses:  Human  Re¬ 
sources,  480  Congress  Street, 
1st  floor,  Suite  #317,  Portland, 
ME  04101. 


CPG,  Inc  a  fast  Growing  soft¬ 
ware  firm  is  looking  for  Program¬ 
mer  Analysts:  Should  have 
bachelor's  degree  in  computer 
science/related  field  with  2  years 
experience  in  any  two  of  the  fol¬ 
lowing  skills:  Design  and  devel¬ 
opment  of  software  applications. 
Java,  J2EE,  EJB,  XML,  Struts, 
VB.  .NET,  C#,  C++,  ASP,  Sur¬ 
pass,  Siebel,  peopleSoft,  SAS, 
EDI,  Cobol,  SunSolaris,  Web- 
services,  WMQI,  MQSeries, 
SAP,  ABAP,  DB2,  MS-SQL, 
Oracle,  SQLPIus*,  0S/390,  Unix, 
WebLogic,  Tuxedo. 

We  accept  foreign  education 
equivalent  of  the  degree,  or  the 
degree  equivalent  in  education 
and  experience. 

Send  resume  and  covering  letter 
to:  CPG,  inc.  250  Regency 
Court.  Suite  #101,  Brookfield, 
Wl  53045. 


COMPUTER  SYSTEMS 
ENGINEER:  MEDICAL 
SYSTEMS  INTEGRATION 


Designs,  develops  and  main¬ 
tains  computer  systems  to 
import  data  from  multiple  plat¬ 
forms/sources,  and  to  manage 
data  within  private  wide  area 
network.  Must  have  B.S.  in 
Electrical  Engineering,  Comp¬ 
uter  Science  or  equivalent,  and 
at  least  two  years  experience  in 
the  job  offered.  50+  hours  per 
week.  EOE,  Drug  Free  Work¬ 
place.  Send  resume  to:  21st 
Century  Oncology  Attn:  Joyce 
White.  2234  Colonial  Blvd.,  Ft. 
Myers,  FL  33907  or  fax 
(239)931-7381. 


Programmer  Analysts/Software 
Enggs.  needed.  Seeking  qual. 
candidates  possessing  MS  or 
equiv.  &/ or  rel.  work  exp.  Part  of 
req.  rel.  work  exp.  must  include 
2  yrs  working  w /  Visual  Source 
Safe  &  MS  SQL  Server  &  3  yrs. 
working  w /  Visual  Basic.  Exp. 
may  be  simultaneous.  Duties 
include  design  software,  data¬ 
bases  &  analyze  reqs.  &  busi¬ 
ness  processes.  Work  w/  MS 
SQL  Server,  Visual  Basic,  Visual 
Source  Safe,  DataDynamics 
Active  Reports,  &  ODBC  on 
Windows.  Fwd.  resume,  ref.  & 
salary  req.  to  ECMD,  Inc.,  Attn: 
HR,  2  Grandview  St,  PO  Box 
130,  N.  Wilkesboro,  NC  28659. 


Software  Engineers  (hvng  Masts 
Deg  w/2yr  exp  or  Bach  Deg  w/5 
yrs  exp).  &  Progmr  Analysts  w / 
exp.  for  IT  Co.,  Exp.  must  incl 
comb's  of  Java,  Custom  Portal 
implementation  using  Java/ 
J2EE  Technologies,  Business 
process  re-engineering,  ATG 
architect/manager  for  custom 
J2EE  based  personalization 
websites/portals,  EJB,  Servlets, 
JSP,  C++,  C,  Net,  C #,  COM, 
DCOM,  MQSeries,  MQSI,  Web 
methods.  TIBCO,  Seebeyond, 
EDI,  Gentran,  Harbinger,  TLE, 
Oracle  Clinical,  SAS  Program¬ 
ming,  Cardiff,  Smalltalk,  Report¬ 
ing  services,  Net,  ASP.NET, 
VB.NET,  C#,  ADO.NET,  Web 
Services,  Remoting,  Dataware¬ 
housing,  Business  Objects,  In¬ 
formatics,  Microstrategy,  Actu¬ 
ate,  Siebel,  Informix,  Sybase, 
Oracle,  SQLServer,  DB2,  MS- 
Access,  Unix,  Windows  2000/ 
XP/2003,  Netscape  Application 
Server,  SAP  Basis  for  SAP  R/3 
&  MySAP  Components,  BEA 
Web  Logic;  Cognos  ReportNet 
on  IBM  Websphere.  We  are  also 
looking  for  Networking  Consult¬ 
ants  with  exp  in  global  office 
connectivity,  branch  connectivity 
using  BGP  routing  protocol,  de¬ 
sign, develop,  test  &  implement 
network  solutions.  Must  have 
relevant  exp.  Reply  w /  2  copies 
of  res: 

HRD 

Objectsoft  Global  Services  Inc, 
650  Main  Street,  Suite  #211 
South  Portland,  ME-04106 
Fax:  207-253-5407 

Email: 

resumes@obiectsoftalobal.com 


Programmer/Analyst  needed  for 
Software  Development,  Servic¬ 
es  &  BPO  firm  located  in  Burlin¬ 
gton,  VT.  Job  duties  include:  An¬ 
alyze,  design,  and  develop  com¬ 
puter  applications  and  docu¬ 
ments  for  various  clients  using 
UML  methodologies  and  design 
patterns.  Develop  software  us¬ 
ing  ADO.NET,  ODP.NET,  COM 
and  ATL.  Model  databases  using 
Visio  Architect.  Develop  compli¬ 
cated  queries  and  stored  proce¬ 
dures  on  multiple  databases. 
Applicant  must  have  B.S.  de¬ 
gree  in  computer  science,  engi¬ 
neering,  math,  or  business.  Ap¬ 
plicant  must  also  have  1  yr.  exp. 
in  the  job  duties  listed  above  or 
in  any  computer  related  occupa¬ 
tion  which  must  include  the  skills 
listed  above.  40hrs/wk,  8:00am- 
5:00pm,  Mon-Fri,  $60,000/yr. 
Send  resumes  to:  Job  No. 
29314,  P.O.  Box  488,  Montpel¬ 
ier,  VT  05601-0488. 


Programmer/Analyst  needed  for 
Software  Development,  Servic¬ 
es  &  BPO  firm  located  in  Burlin¬ 
gton,  VT.  Job  duties  include: 
Analyze,  design,  develop,  and 
implement  client  server  based 
computer  applications  for  cli¬ 
ents.  Use  .NET  framework, 
VC#. NET,  VC++,  STL,  and 
COM/  DCOM.  Perform  work  in 
a  Windows  environment.  Appli¬ 
cant  must  have  B.S.  degree  in 
computer  science,  engineering, 
math,  or  business.  Applicant 
must  also  have  1  yr.  exp.  in  the 
job  duties  listed  above  or  in  any 
computer  related  occupation 
which  must  include  the  skills 
listed  above.  40hrs/wk,  8:00am- 
5:00pm,  Mon-Fri,  $60,000/yr. 
Send  resumes  to  Job  No. 
29312,  P.O.  Box  488,  Mont¬ 
pelier,  VT  05601-0488. 


Programmer-Analyst  needed 
to  analyze  specs,  create 
schema,  write  code  using 
Corba  &  test  applies  using 
C++/C,  Java,  SNMP,  NMS, 
HP-UX,  Solaris,  applic 
servers,  Linux,  Informix, 
Oracle,  DB2,  GNU,  TCP-IP, 
Socket  &  Profiler,  OOAD. 
Send  resume  to:  Global 
Consultants,  Attn:  Hireme, 
8800  Grand  Oaks  Cir.,  #100, 
Tampa,  FL  33637. 


Finding  Cures . 
Saving  Children. 

Uniting  Employees . 

Current  Opportunities: 

Systems  Quality  and 
Compliance  Test  Engineer  I 
Clinical  Research  Informatics  (Job  Number  09265) 

Systems  Quality  and 
Compliance  Administrator  I 

Clinical  Research  Informatics  (Job  Number  08756) 

Bioinformatics  Associate 
Research  Scientist 

Hartwell  Center  for  Bioinformatics  and 
Biotechnology  (Job  Number  09977) 

To  apply  for  these  positions,  please  log  on  to 

www.stjude.org/jobs 


www.stjude.org  An  equal  opportunity  employer 


SENIOR  BUSINESS  SYSTEMS  ARCHITECT  (MULTIPLE  BUSINESS 
UNITS)  -  A  Massachusetts-based  company  Involved  in  the  worldwide 
research,  development,  manufacture,  marketing  and  sale  of  audio  prod¬ 
ucts  and  technologies,  has  an  immediate  need  for  a  highly  skilled  Senior 
Business  Systems  Architect  (Multiple  Business  Units).  This  senior-level 
position  will  be  responsible  for  the  planning,  design,  deployment,  and 
post-implementation  enhancement  of  mission-critical  global  hardware 
and  business  systems  software  solutions  for  enterprise-wide  and  web- 
based  ("e-business")  business  units.  This  position  is  also  responsible  for 
mentoring  technical  personnel  in  the  use  of  systems  and  database  mod¬ 
eling  techniques  and  the  development  of  monitoring,  recovery  and  inci¬ 
dent  response  strategies  and  operational  support  procedures.  Minimum 
education  required  is  a  Bachelor's  degree  in  Computer  Science,  MIS,  or 
a  Business  field  relevant  to  business  systems.  Minimum  experience 
required  is  eight  (8)  years  pre-  or  post-degree  experience  (a  relevant 
Master's  degree  may  be  substituted  for  2  of  the  8  years  required  experi¬ 
ence)  involving  business  systems  software  development,  at  least  3  years 
of  which  specifically  involved  the  development  of  logical  data  models,  and 
the  planning  and  support  of  production  operations  under  both  SQL  Server 
and  Oracle.  Specifically  required  is  the  demonstrated  ability  to  lead  the 
development  and  deployment  of  mission  critical  e-commerce  systems 
architectures,  and  to  model,  design  and  implement  component  and  ser¬ 
vice  based  transaction  processing  systems  using  UML-based  techniques. 
Also  required  is  the  demonstrated  ability  to  develop  and  maintain  infra¬ 
structure  capacity  models,  and  to  co-ordinate  the  deployment  and  man¬ 
agement  of  mission-critical  load-balanced,  highly  available,  and  redun¬ 
dant  server  configurations  to  support  global  operations.  Additionally 
required  is  the  demonstrated  ability  to  translate  logical  data  models  into 
physical  SQL  Server  and  Oracle  database  schemas.  Further  required  is 
the  demonstrated  ability  to  provide  technical  support  to  system  and  data¬ 
base  administrators  in  tuning,  optimization,  backup,  recovery  and  moni¬ 
toring  of  mission-critical  e-business  systems.  Finally  required  is  the 
demonstrated  ability  to  conduct  new  technology  evaluations  and  provide 
project  and  resource  cost  estimations  to  senior  financial  management  for 
capital  budgeting  and  internal  rate  of  return  (IRR)  analysis  of  recom¬ 
mended  hardware  and  software  solutions.  Starting  base  salary  is  $93,000 
per  year,  together  with  ten  (10)  days  paid  vacation,  contributory  medical 
and  life  insurances,  and  other  industry-competitive  benefits.  Qualified 
applicants  respond  with  two  (2)  copies  of  resume  only  to:  Case 
#200300358,  Labor  Exchange  Office,  19  Staniford  Street,  1st  Floor, 
Boston,  MA  02114.  An  EOE/MFHV. 


Senior  Enterprise  Infrastructure 
Engineer  wanted  to  participate 
in  arch,  designs  for  the  planning, 
integration  &  development  of 
J2EE  applications.  Must  have 
Master's  deg.  in  Comp.  Sci.  or 
Eng.  &  2  yrs.  software  develop¬ 
ment  &  object  oriented  analysis 
&  design  exper.,  incl.  commer¬ 
cial  software  eng.  exper.  in  EJB, 
SOAP,  Weblogic  &  WSAD, 
exper.  in  Content  Mngmnt.  or 
Digital  Asset  Mngmnt.  Systems, 
&  exper.  in  a  tech,  leadership 
role,  responsible  for  design  & 
development  of  core  functional 
modules  of  J2EE  based  applica¬ 
tion.  (A  Bach.  deg.  &  5  yrs. 
exper.  can  substitute  for  a 
Master's  &  2  yrs.  exper.)  Send 
resume  to  Human  Resources. 
Job  Code  SE89.  Context  Media, 
Inc.,  1  Providence  Washington 
Plaza,  Providence,  Rl  02903. 


Systems  Analyst  needed  for 
Software  Development,  Servic¬ 
es  &  BPO  firm  located  in  Burlin¬ 
gton,  VT.  Job  duties  include:  As¬ 
sess  performance  and  scalabili¬ 
ty  of  client  company’s  Siebel 
Customer  Relationship  Manage¬ 
ment  (CRM  System)  product  for 
the  purpose  of  improving  perfor¬ 
mance.  Build  scripts  using  Load 
Runner  to  assess  and  applica¬ 
tions  performance  for  large 
enterprise  software  systems. 
Prepare  documentation  and 
make  recommendation  to  the 
client  regarding  hardware  and 
third  party  software  usage.  Work 
in  both  UNIX  and  Windows  envi¬ 
ronments.  Applicant  must  have 
B.S.  degree  in  computer  sci¬ 
ence,  engineering,  math,  or  bus¬ 
iness.  Applicant  must  also  have 
2  yrs.  exp.  in  the  job  duties  listed 
above  or  in  any  computer  relat¬ 
ed  occupation  which  must  in¬ 
clude  the  skills  listed  above. 
40hrs/wk,  8:00am-5:00pm,  Mon- 
Fri,  $60,000/yr.  Send  resumes 
to:  Job  No.  29208,  P.O.  Box  488, 
Montpelier,  VT  05601-0488. 
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Best  advice 

SOAs  require  proper  design.  If  not,  they’re  likely  to  fail 
and  end  up  incurring  high  costs. 

Low-hanging  fruit:  Services  wrappers  —  via  Java,  C++  and 
other  techniques  —  may  get  users  into  the  SOA  world  quicker, 
but  typically  make  poor  services. 

Architect  beware:  Objects  and  components  are  not  services.  If 
not  properly  designed,  objects  and  components  can  generate  too 
much  traffic  and  overwhelm  the  network.  Services  need  to  be 
designed  in  their  own  right. 

Proliferation:  Too  many  small  SOA  services  will  clog  the  network 
and  render  SOA  unusable. 

Bigger  not  better:  Services  that  are  too  large  will  inherit  problems 
of  monolithic  architectures  and  not  be  as  effective. 

Extremism:  Not  all  software  should  be  service-oriented. 

SOURCE:  GARTNER  GROUP 
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continued  from  page  1 

coupled  into  composite  appli¬ 
cations  across  a  distributed 
network. 

“I  call  it  spaghetti-oriented 
architecture,”  Kobielus  says.  “It’s 
this  mess  of  messages.  SOA  relies 
on  messaging-oriented  interac¬ 
tion  among  endpoints.  How  can 
you  manage  all  this, how  can  you 
design  it  all,  optimize  it  all,  track 
it  all,  secure  it  all,  this  mess  of 
messages,  this  spaghetti?” 

While  those  are  worthwhile 

A  CLOSER  LOOK: 


questions,  they  also  provide 
counterbalance  to  the  notion 
that  corporate  adoption  of  the 
SOA  is  a  forgone  conclusion. 

While  major  vendors  such  as 
BEA  Systems,  IBM,  Microsoft, 
Oracle,  SAP  and  Sun  are  retool¬ 
ing  their  product  portfolios  for 
Web  services  and  SOA,  users  are 
still  catching  up. 

Despite  obvious  interest  — 
76%  of  CIOs  said  they  will  make 
an  SOA  investment  —  a  recent 
study  by  The  Yankee  Group 
shows  that  44%  of  473  respon¬ 
dents  said  their  lack  of  under¬ 
standing  of  Web  services  and 
loosely  coupled  architectures 
were  two  inhibitors  in  adopting 
an  SOA.  Another  44%  said  they 
were  unconvinced  of  the  busi¬ 
ness  benefits,  while  IT  executives 
said  the  biggest  challenge  to 
interoperability  and  standards 
adoption  is  the  cost  of  software 
and  services. 

Many  of  those  same  IT  execu¬ 
tives  lived  through  the  unfulfilled 
promises  of  the  Common  Object 
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Request  Broker  Architecture  and 
the  Distributed  Common  Object 
Model,  two  failed  attempts  at  ser¬ 
vice  orientation. 

What  it  takes 

The  challenges  appear  on  many 
fronts  and  include  the  need  for 
standards  beyond  the  generally 
accepted  foundation  specifica¬ 
tions  including  XML,  the  Simple 
Object  Access  Protocol  (SOAP), 
Web  Services  Description  Lang¬ 
uage  (WSDL)  and  maturing  secu¬ 
rity  protocols  such  as  WS-Security 
The  missing  standards  include 


those  for  reliable  messaging,  man¬ 
agement  and  business  process 
orchestration  to  support  transac¬ 
tional  quality  applications  run¬ 
ning  within  an  SOA. 

Also  needed  are  new  twists  on 
middleware  to  battle  latency  and 
ensure  service-level  guarantees. 
This  is  especially  true  in  the  face 
of  a  glut  of  messages  from  XML 
and  Web  services  that  will 
swamp  the  network  and  require 
specialized  acceleration  hard¬ 
ware,  policy  enforcement  points, 
protocol  translation  engines, 
application  layer  routing, 
improved  caching  techniques 
and  traffic  management. 

“We’re  not  talking  about  packets 
anymore;  we’re  talking  about 
messages  passing  through  the 
network  that  are  making  things 
happen.  It’s  a  big  shift,”  says  Eu¬ 
gene  Kuznetsov,  founder  and  CTO 
of  DataPower,  which  develops 
hardware  for  improving  the  per¬ 
formance  and  security  of  XML 
traffic.  He  says  the  shift  will  affect 
software  and  infrastructure. 
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Users  will  need  to  overcome  the 
age-old  roadblock  of  corporate 
politics  because  building  a  reli¬ 
able  and  stable  architecture 
means  the  right  hand  needs  to 
know  what  the  left  hand  is  doing. 

“The  issue  is  that  architecture  is 
a  best  practice,”  says  Ron 
Schmelzer,  an  analyst  with 
ZapThink.  “The  tool  set  will  get 
you  only  part  of  the  way. 
Architecture  is  a  discipline;  you 
don’t  get  it  from  a  tool. You  need 
to  know  what  services  to  build, 
how  to  build  them  at  the  right 
level  of  granularity  and  how  to 
build  them  loosely  coupled.” 

Loosely  coupled  is  a  defining 
feature  of  an  SOA  that  basically 
describes  components  that  are 
not  hard-wired  but  can  be 
stitched  together  on  the  fly  into 
“applications”  or  business 
processes. 

The  standards  play 

While  standards  are  progress¬ 
ing,  many  needed  specifications 
are  still  being  hashed  out. 

“There  is  still  some  shakin’ 
going  on,”  Schmelzer  says  about 
the  development  of  key  specifica¬ 
tions  such  as  business  process, 
management  and  reliability  But 
he  notes  that  the  core  Web  ser¬ 
vices  specifications  such  as  XML, 
SOAP  and  WSDL  are  “pretty 
mature.” 

Beyond  those,  however,  are  an 
alphabet  soup  of  emerging  proto¬ 
cols  that  promise  to  help  facili¬ 
tate,  orchestrate  and  secure  inter¬ 
action  across  an  SOA.  This 
includes  XPath  and  XQuery  for 
data  management;  WS-Discovery 
for  finding  services;  WS- 
Distributed  Management;  WS- 
Addressing  for  messaging;  WS- 
Business  Process  Execution 
Language  for  process  workflow;  a 
litany  of  reliability  specifications 
including  WS-Reliability,  WS- 
ReliableMessaging,  WS-Notifi- 
cations,  WS-Eventing  and  WS- 
ResourceFramework;  and  trans¬ 
action  specifications  including 
WS-Coordination,  WS-Atomic- 
Transaction  and  WS-Business- 
Activity 

“Companies  should  be  aware  of 
where  the  specs  are  at,  but  by  and 
large,  individual  companies  don’t 
implement  the  spec  directly  any¬ 
way.  They  look  for  products,” 
Schmelzer  says.  “So  companies 
need  to  put  pressure  on  the  ven¬ 
dors  to  collaborate  and  get  these 
specs  out.” 

In  general,  the  standards  will 
bring  another  level  of  flexibility 
to  SOA,  and  let  companies  mix 
and  match  and  easily  swap  out 
components  that  stand  behind 
Web  services  interfaces  or  that 


aid  in  service  orientation 
throughout  the  network. 

Traffic  management 

While  companies  will  be  able 
to  put  existing  middleware  to  use, 
such  as  message-oriented  middle¬ 
ware  and  transaction,  Web,  appli¬ 
cation  and  integration  servers, 
middleware  for  an  SOA  is  being 
defined  by  a  concept  called  the 
enterprise  service  bus  from  ven¬ 
dors  such  as  Sonic  and  IBM. 

“What  needs  to  be  built  on  top 
of  existing  middleware  capabili¬ 
ties  is  what  we  call  the  distributed 
services  architecture,”  says  Gor¬ 
don  Van  Huizen,  CTO  of  Sonic. 
“The  unique  aspect  is  that  all 
capabilities  across  the  system  are 
available  as  addressable  event- 
driven  services.  The  applications 
are  not  bound  to  the  middleware; 
they  are  consuming  and  respond¬ 
ing  to  events.” 

Traffic  management  architec¬ 
tures  will  have  to  be  reconfigured 
to  accommodate  special  firm¬ 
ware  and  hardware  to  handle  the 
volume  and  processing  chores  of 
XML  messages,  experts  say. 
Traditional  Layer  2  and  Layer  3 
devices  can’t  parse  XML  mes¬ 
sages  and  need  to  be  comple¬ 
mented  with  specialized  tools 
including  Layer  7  load  balancing, 
transformation  and  routing.  The 
tools  are  needed  to  guarantee 
service-level  agreements,  to  deal 
with  the  multitude  of  expected 
and  unexpected  dependencies 
among  components,  and  to  keep 
interconnected  components  up 
and  running. 

The  needs  have  spawned  such 
vendors  as  Actional,  Amberpoint, 
Digital  Evolution,  Blue  Titan, 
DataPower,  Forum  Systems, 
Sarvega,  seeBeyond,  webMeth- 
ods.Westbridge  and  others. 

Users  also  will  be  challenged  in 
taming  the  ever-growing  size  of 


XML  messages,  which  on  average 
are  10  times  larger  than  equiva¬ 
lent  binary  coding,  and  can 
quickly  clog  network  infrastruc¬ 
ture  and  applications. 

Users  say  those  and  other  issues 
will  need  to  be  considered  when 
retrofitting  legacy  applications 
with  Web  services  interfaces. 

One  lead  architect  for  a  large 
financial  services  company  who 
asked  not  be  identified,  says 
mainframes  aren’t  ready  for  the 
loose  coupling  of  an  SOA. 

“The  reason  you  can  get  95% 
usage  out  of  a  mainframe  is  that 
there  is  very  little  slack  on  the 
mainframe.  The  reason  you  can 
do  that  is  that  everything  is  on 
schedules,  but  when  you  come 
from  a  distributed  world  it  is  not 
on  a  schedule.” 

The  company  is  adding  an  iden¬ 
tity  management  service  to  its 
SOA  to  control  access  after  some 
users  had  written  programs  that 
automatically  tapped  the  Web  ser¬ 
vice  to  extract  entire  mainframe 
databases  “one  record  at  a  time,” 
he  says. 

“When  you  talk  about  SOA,  the 
business  people  say  ‘Great,  it  will 
make  things  easier.  Plug  and  play 
reuse,”’ says  David  Mendien, direc¬ 
tor  of  XML  Web  services  market¬ 
ing  for  Microsoft.  “But  the  IT  pro 
guys  typically  aren’t  as  excited. 
On  its  face  it  looks  terrifying.  A 
distributed  system  has  no  central 
point  of  control.  It  makes  you 
think  of  operations  in  a  totally  dif¬ 
ferent  way” 

NEXT  WEEK:  In  Part  2  of  out¬ 
look  at  service-oriented  archi¬ 
tectures,  users  who  have 
deployed  SOAs  share  their  dos 
and  don  ’ts. 

Get  more  information  online. 
DocFinder:  4461 

www.nwfusion.cen 
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BackSpin 


Mark  Gibbs 


Real  IT  and  fake  accounts 


R 


evision  Department:  Since  my 
Backspin  column  of  last  March 
(www.nwfusion.com,  DocFind- 
er:  4457)  1  have  had  time  to  reflect. 

I  have  pondered  the  oneness  of  the 
Internet,  the  eternal  packet  that  tran¬ 
scends  all  routers  and  the  Zen  of 
spam.  And  I  have  realized  one  cru¬ 
cial  thing:  Computer  monoculture  is  unavoidable. 

There’s  no  way  that  any  real  IT  organization  can 
afford  to  create  an  IT  infrastructure  that  isn’t  a 
monoculture.  If  they  did  so  —  if  they  created  some 
mixture  of  Macs  and  Windows  and  Linux  —  they 
would  go  broke  trying  to  keep  it  all  running. 

The  bottom  line  is  that  standards  are  the  corner¬ 
stone  of  IT: The  goal  is  based  on  standard  applica¬ 
tions  running  under  standard  operating  systems  that 
have  standard  configurations  where  everything  can 
be  audited  and  every  action  authenticated.That’s  it. 
There  is  no  other  way  to  do  it. 

OK,  on  with  the  news. 

A  staggering  number  of  Web  sites  now  require  you 
to  have  some  kind  of  account  with  them. The  rea¬ 
sons  for  this  range  from  the  site  attempting  to  under¬ 
stand  its  readership  to  preventing  spammers  and 
other  miscreants  from  loading  the  system  with  their 
crud  and  building  mailing  lists  for  spamvertising 
campaigns. 


A  new  service  has  appeared  that  is  bound  to 
attract  lots  of  attention  and  quite  possibly  some  legal 
heat:  bugmenot.com,  which  uses  the  tag  line 
“Common  sense  isn’t.” 

The  idea  is  really  simple:  When  you  enter  the  URL 
of  a  site  that  requires  an  account  to  gain  access,  bug- 
menot  either  returns  an  account  name  and  pass¬ 
word  or,  if  an  account  for  that  site  hasn’t  been  en¬ 
tered,  suggests  that  you  provide  the  details  for  one. 

I  tried  looking  up  accounts  for  The  Washington 
Post  and  several  other  sites  and  there  they  were, 
names  and  passwords  for  each  that  worked  just  fine. 
If  this  idea  takes  off,  there  will  be  scores  of  sites  pro¬ 
viding  the  same  service,  which  is  easy  because  all  it 
requires  is  a  simple  database  lookup. 

Already  there’s  a  Firefox  plugin  (DocFinder:  4458) 
that  accesses  the  bugmenot  database.  With  the  plug¬ 
in  installed,  all  you  have  to  do  is  right-click  in  a 
logon  form  on  a  site  and  have  a  name  and  password 
automatically  filled  in. 

However,  the  consequences  could  be  profound. 
Widespread  use  of  this  ploy  will  make  site  statistics 
and  demographic  analyses  even  more  error-prone 
than  they  already  are. 

So  what  could  site  owners  do?  If  they  are  brave, 
they  could  start  using  credit  card  verifications  in 
much  the  same  way  the  pornography  community 
uses  them  for  age  verification. The  downside  of  this 
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is  that  there’s  a  huge  cost  and  liability  associated 
with  storing  credit  card  details  and  verifying  them. 

Site  owners  could  start  mining  the  account  swap¬ 
ping  sites  and  blocking  the  exposed  accounts.  Of 
course,  the  swapping  sites  will  up  the  ante  by  mak¬ 
ing  mining  them  require  human  beings  to  gain 
access. 

But  the  tools  could  get  even  more  interesting. 
Imagine  combining  a  free  utility  such  as  Roboform 
with  a  distributed  peer-to-peer  version  of  the  bug¬ 
menot  database  and  you’ve  got  a  major  assault  on 
the  value  of  Web  registration  systems. 

What  this  whole  story  illustrates  is  the  growing  ten¬ 
sion  between  consumers  and  content  providers. 
Consumers  will  accept  the  conditions  on  your  offer¬ 
ings  as  long  as  they  see  value.  When  that  value  is  not 
apparent,  they  view  the  conditions  almost  as  an 
insult.  They  then  do  one  of  three  things:  They  don’t 
bother  to  sign  up,  they  sign  up  but  with  bad  feelings, 
or  they  go  out  of  their  way  to  lie  when  they  sign  up. 

The  current  generation  of  Internet  consumers 
appears  to  favor  signing  up  with  bad  feelings.The 
next  generation  will,  I  believe,  be  far  more  ready  to 
use  tools  like  bugmenot.The  challenge  for  Web  sites 
is  to  either  offer  real  value  or  forget  about  collecting 
personal  data  when  they  don’t  need  it. 

Real  IDs  only  to  backspin@gibbs.com. 
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News,  insights,  opinions  and  oddities 


By  Paul  McNamara 


A  food  store  first 

This  newspaper  quote  from  Fresh- 
direct  co-founder  Jason  Ackerman  was 
so  amusingly  cheeky  that  I  made  a  note  to  give  the  online  grocer  a  call: 

“For  the  most  part  the  demand  has  been  greater  than  our  ability  to  supply,” 
Ackerman  told  the  Associated  Press  earlier  this  year.  "When  you  deliver  great 
food  people  love  the  convenience  of  it.  If  we  delivered  crappy  food  people 
wouldn't  be  as  excited." 

A  bit  obvious,  perhaps,  but  it  sure  explains  why  CrappyFood.com  went  belly-up. 

It  also  goes  a  long  way  toward  explaining  why  online  groceries,  a  market  seg¬ 
ment  given  up  for  garbage  not  long  ago,  are  today  enjoying  a  second  helping  of 
critical  acclaim  and  investor  interest.  Online  food  stores  still  generate  less  than 
one-half  of  1%  of  the  total  revenue  in  the  grocery  world,  according  to  Jupiter 
Research,  and  won't  hit  1%  until  2008.  But  we’re  talking  about  a  $2.4  billion  "niche” 
that's  expected  to  grow  42%  annually  between  now  and  then  —  no  small  pota¬ 
toes.  New  York-based  Freshdirect  claims  100,000  active  customers  after  a  mere 
two  years  of  pushing  produce  in  the  Big  Apple. 

“Consumers  have  absolutely  integrated  us  as  part  of  their  lifestyles,”  Acker¬ 
man  told  me.  "It’s  sticky,  it’s  working.” 

It’s  also  simple,  if  somewhat  counterintuitive.  Freshdirect  employs  about  1,100 
people  and  operates  out  of  a  single  facility  from  which  it  processes  and  ships 
custom-packaged  fresh  food  and  pre-packaged  items.The  key  is  that  the  compa¬ 
ny  buys  directly  from  farmers  and  has  its  own  employees  butcher,  prep  and  wrap, 
thus  cutting  out  middlemen  and  costs. 

“The  whole  premise  behind  the  business  was  to  take  the  inefficiencies  in  the 
way  that  food  is  managed  and  use  technology  to  create  real  physical  advantages 
on  processing  and  controls  on  the  food,”  Ackerman  says.  “Almost  all  of  our  time 
is  spent  on  building  what  is  really  like  a  Dell  model,  which  is  a  just-in-time,  made- 


to-order  system.  When  you  do  that  for  fresh  food  —  food  that  needs  some  level 
of  processing  and  the  shelf  lives  are  short  —  you  create  a  unique  opportunity  to 
reduce  your  waste  and  improve  your  quality.” 

That  orders  are  placed  online  is  important  in  that  it  allows  for  a  just-in-time 
production  model,  but  being  online  isn’t  what  drives  Freshdirect's  success, 
according  to  Ackerman. 

"We’ve  never  really  viewed  this  as  an  Internet  business. ...  At  the  end  of  the 
day,  the  online  convenience  is  not  where  we  think  we  compete,”  he  says.  "In  New 
York,  you've  got  four  players  doing  online  business,  so  it's  really  about  who  went 
out  there  with  the  best  food  store.” 

And  what  do  customers  think? 

“They're  awesome,”  says  JohnaTill  Johnson,  a  Manhattan  resident  who  writes 
Network  World’s  Eye  on  the  Carriers  column.  “You  can  find  what  you’re  looking 
for  from  practically  any  angle  —  type  of  food,  brand  name,  food  category.  Once 
you  find  the  food,  you  can  drill  down  and  get  calorie  counts,  cooking  tips,  and  lots 
and  lots  of  preparation  options. 

“They  run  a  pretty  tight  ship.They  store  your  contact  information  and  credit 
card,  and  you  can  log  on  [password-protected]  and  place  standing  orders  for 
stuff.  You  can  specify  when  you’d  like  it  to  be  delivered  —  what  day,  what  time, 
within  a  two-hour  block.” 

Sounds  yummy. 

Surprisingly  enough,  half  of  Freshdirect  customers  still  use  pokey  dial-up  con¬ 
nections  to  place  their  orders,  a  fact  which  in  and  of  itself  seems  to  suggest  a 
high  level  of  loyalty  and  satisfaction. 

Ackerman  acknowledges  that  Freshdirect’s  model  is  labor-intensive  and 
requires  a  highly  skilled  workforce,  but  he’s  confident  that  it  can  be  exported  to 
"the  top  20  cities  in  the  country  and  be  effective  on  delivery.” 


Replies  to  e-mail  sent  to  this  address  —  buzz@nww.com 
and  sent  just  in  time. 
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Server  Iron  —when  it  comes  to  Layer  4-7  load  balancing,  there  is  no  summit! 
Just  a  continuous  journey.  Foundry’s  Server  Iron  switches  continue  to  be  the  trailblazer 
for  server  scalability  with  one  accomplishment  after  another.  Serverlron  switches  protect 
servers  against  denial-of-service  attacks,  improve  server  scalability  and  vastly  enhance  server 
reliability.  Serverlron  makes  it  easy  to  manage  all  your  networked  applications  and  improve 
user  response  time  while  eliminating  application  downtime.  It’s  the  industry  leader  in 
performance,  intelligence,  security,  and  price.  So  it’s  no  coincidence  that  Serverlron  is  the 
product  of  choice  for  the  world’s  largest  and  most  demanding  customers.  Visit  us  today  at 
www.fou  ndr  vnet  work  s .  com  /si .  Or  call  1  .S88.TURBOLAN  ( 1 .888.887.2652), 
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Companies  adopting  HP  Integrity  servers,  powered  by  industry-leading  Intel®  Itanium®  2  Processors,  are  seeing  remarkable  gains  in  performance 

The  momentum  is  building.  One  after  another,  companies  are  choosing  HP  Integrity  servers.  Leading  software  and  technology  partners  such  as 
BEA,  Microsoft,®  Oracle,  SAP  and  Siebel  Systems  have  embraced  the  platform  as  an  industry  standard.  And  with  the  ability  to  manage  a  mixed 
environment  of  UNIX,  Microsoft®  Windowsf  Linux  and  OpenVMS,  HP  Integrity  servers  are  fast  becoming  the  ultimate  consolidation  tool.  Demand 
maximum  performance,  reliability  and  cost-efficiency  now,  on  a  platform  that  will  carry  you  forward  into  the  future.  Demand  performance  that's 
real-world  proven,  and  get  it— with  HP  Integrity  server  solutions. 


Choosing  HP  Integrity  servers,  choosing  results. 


AIRBUS  UK: 

Running  HP-UX!  li  on  HP  Integrity 
servers,  20-30  wing  design 
simulations  that  used  to  take 
weeks  are  now  done  overnight. 


COMPUSA: 

Going  with  64-bit  architecture 
using  HP  Integrity  servers, 
they  cut  access  time  to  inventory 
data  by  up  to  85%. 


FIAT  AUTO: 

Standardizing  on  64-bit 
infrastructure  using  HP  Integrity 
servers,  they're  integrating  and 
enhancing  sales  and  service  as 
well  as  streamlining  the  buying 
process  while  lowering  sales  cost, 


THE  KOEHLER  GROUP: 

Moving  to  an  environment 
composed  of  HP  Integrity  servers, 
they  gained  a  50%  improvement 
in  mission-critical  performance. 
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To  get  the  IDC  white  paper  outlining  the  performance  of  HP  Integrity 
servers  with  Intel®  Itanium®  2  Processors, 

CALL 

1-800-282-6672 

option  5,  mention  code  AQHG 

CLICK 

hp.com/go/demandintegrity6 
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